Linux kernel 安全漏洞

The Linux kernel is the kernel used by the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of resources after the caifserial protocol is disabled. This could lead to acces...

CVE-2016-10820

cPanel before 55.9999.141 allows daemons to access their controlling TTYs SEC-31...

EUVD-2016-1814

Malware in sbrugna...

CVE-2016-10809

In cPanel before 57.9999.54, /scripts/checkinfopages exposed a TTY to an unprivileged process SEC-114...

SUSE CVE-2014-0196

The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service memory corruption and system crash or gain privileges by triggering a race condition...

Homebrew: Bypass of the installation sandbox by injecting keystrokes with TIOCSTI

While doing some internal testing recently, we ran into installation sandboxing and found a way to bypass it so that a formula's install script can execute commands outside of the sandbox. I understand from https://github.com/Homebrew/brew/issues/2986 that the sandbox is intended to prevent...

Code injection

cPanel before 55.9999.141 allows daemons to access their controlling TTYs SEC-31...

CVE-2005-0403

initdev in ttyio.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service crash and possibly gain tty access via unknown attack vectors that trigger an access of ...

CVE-2005-0403

CVE-2005-0403 affects Red Hat Enterprise Linux 3 via the Red Hat backport of NPTL. The vulnerable code is in init_dev of tty_io.c , where controlling ttys are not properly cleared in multi‑threaded applications, enabling a local user to crash the system and potentially gain access to ttys through...

MacOS X terminals information leak

Unprivileged user is unable to obtain exclusive tty access...

scx-sa-13.txt

============================================================================= Securax-SA-13 Security Advisory belgian.networking.security Dutch ============================================================================= Topic: all tty's can be written to when connecting Announced: 2001-01-01...

CVE-2000-0365

Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices...

GNU glibc 2.12.1.1 -6 - pt_chown Local Privilege Escalation

GNU glibc 2.12.1.1 -6 - ptchown Local Privilege Escalation // source: https://www.securityfocus.com/bid/597/info // ptchown is a program included with glibc 2.1.x that exists to aid the proper allocation of terminals for non-suid programs that don't have devpts support. It is installed setuid roo...

GNU glibc 2.1/2.1.1 -6 - 'pt_chown' Local Privilege Escalation

// source: https://www.securityfocus.com/bid/597/info // ptchown is a program included with glibc 2.1.x that exists to aid the proper allocation of terminals for non-suid programs that don't have devpts support. It is installed setuid root, and is shipped with RedHat Linux 6.0. As it stands,...