1544 matches found
kernel: agp: zero pages before sending to userspace
The 1 agpgenericallocpage and 2 agpgenericallocpages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading...
[SECURITY] Fedora 9 Update: udev-124-4.fc9
The udev package contains an implementation of devfs in userspace using sysfs and netlink...
[SECURITY] Fedora 10 Update: trickle-1.07-7.fc10
trickle is a portable lightweight userspace bandwidth shaper. It can run in collaborative mode or in stand alone mode. trickle works by taking advantage of the unix loader preloading. Essentially it provides, to the application, a new version of the functionality that is required to send and...
[SECURITY] Fedora 9 Update: trickle-1.07-7.fc9
trickle is a portable lightweight userspace bandwidth shaper. It can run in collaborative mode or in stand alone mode. trickle works by taking advantage of the unix loader preloading. Essentially it provides, to the application, a new version of the functionality that is required to send and...
[SECURITY] Fedora 9 Update: dahdi-tools-2.0.0-1.fc9
DAHDI stands for Digium Asterisk Hardware Device Interface. This package contains the userspace tools to configure the DAHDI kernel modules. DAHDI is the replacement for Zaptel, which must be renamed due to trademark issues...
Design/Logic Flaw
The pariscshowstack function in arch/parisc/kernel/traps.c in the Linux kernel before 2.6.28-rc7 on PA-RISC allows local users to cause a denial of service system crash via vectors associated with an attempt to unwind a stack that contains userspace addresses...
Null pointer dereference
The copyfromusermmapsem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations...
Debian: Security Advisory (DSA-744-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 7 : kernel-2.6.22.4-65.fc7 (2007-1785)
Update to kernel 2.6.22.2, 2.6.22.3 and 2.6.22.4: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.3 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.4 - Fix failure to find serial ports on some machines. -...
CVE-2007-3850
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...
CVE-2007-3850
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...
CVE-2007-3850
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...
kernel LTC31426-4k page mapping support for userspace in 64k kernels
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space...
[SECURITY] Fedora 7 Update: fuse-2.7.0-5.fc7
With FUSE it is possible to implement a fully functional filesystem in a userspace program. This package contains the FUSE userspace tools to mount a FUSE filesystem. Note: For security reasons only members of the group "fuse" are allowed to umount fuse filesystems. You can find more details on...
CVE-2007-1582
The resource system in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting certain functions in the GD ext/gd extension and unspecified other extensions via a userspace error handler, which can be used to destroy and modify...
CVE-2007-1581
The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hashupdatefile function via a userspace 1 error or 2 stream handler, which can then be used to destroy and modify internal resources. NOTE: it was later reported that PH...
ChangeLog-2.6.19.1
commit 1edb5a2de7a29144644794208eb63abbca419430 Author: Chris Wright [email protected] Date: Mon Dec 11 11:32:53 2006 -0800 Linux 2.6.19.1 commit f558fdfaa8d62e33ef47a819d1ca659a8f9e1f1a Author: David Miller [email protected] Date: Fri Dec 8 17:14:38 2006 -0800 PATCH NETLINK: Put...
Solaris 10 - sysinfo() Local Kernel Memory Disclosure (1)
Solaris 10 - sysinfo Local Kernel Memory Disclosure 1 / Sun Microsystems Solaris sysinfo Kernel Memory Disclosure exploit =================================================================== Local exploitation of an integer overflow vulnerability in Sun Microsystems Inc. Solaris allows attackers t...
security flaw
The sysgetthreadarea function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information...
CVE-2006-0751
Multiple unspecified vulnerabilities in the 1 Filesystem in USErspace FUSE client and 2 NOOFS daemon in in Network Object Oriented File System NOOFS before 0.9.0 have unspecified impact and attack vectors...