GSD-2022-1005716 staging: rtl8712: fix use after free bugs

staging: rtl8712: fix use after free bugs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.142 by commit...

rageframe2 跨站脚本漏洞

rageframe2 is a rapid development application engine based on the Yii2 Advanced Framework by the individual developer Jianyan74. A security vulnerability exists in rageframe2 version 2.6.37, which is caused by an XSS vulnerability in the user-agent related parameters of the info.php page...

UVI-2021-1000678 NFS: fix an incorrect limit in filelayout_decode_layout()

NFS: fix an incorrect limit in filelayoutdecodelayout This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.235 by commit...

GSD-2021-1000637 NFS: fix an incorrect limit in filelayout_decode_layout()

NFS: fix an incorrect limit in filelayoutdecodelayout This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.124 by commit...

UVI-2021-1000604 NFS: fix an incorrect limit in filelayout_decode_layout()

NFS: fix an incorrect limit in filelayoutdecodelayout This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit...

Linux kernel 'btrfs_ioctl_space_info' buffer overflow vulnerability

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the 'btrfsioctlspaceinfo' function in Linux kernel version 2.6.37. A local attacker could exploit this vulnerability to cause...

Linux Kernel <= 2.6.37 - Local Privilege Escalation

No description provided by source. / Linux Kernel = 2.6.37 local privilege escalation by Dan Rosenberg @djrbliss on twitter Usage: gcc full-nelson.c -o full-nelson ./full-nelson This exploit leverages three vulnerabilities to get root, all of which were discovered by Nelson Elhage: CVE-2010-4258...

PT-2012-1932 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37 Description: The issue is related to a certain clock-update optimization that is not properly implemented, allowing local users to cause a denial of service, resulting in a system hang. This can be achiev...

kernel: no access restrictions of /proc/pid/* after setuid program exec

The proc filesystem implementation in the Linux kernel 2.6.37 and earlier does not restrict access to the /proc directory tree of a process after this process performs an exec of a setuid program, which allows local users to obtain sensitive information or cause a denial of service via open, lsee...

PT-2012-1497 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37 Description: The issue allows local users to bypass Integrity Measurement Architecture IMA rules under certain circumstances when the Linux Security Modules LSM framework is disabled. This can happen when...

kernel: perf bug

Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call...

PT-2010-5334 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37-rc2 Description: The issue is related to a use-after-free vulnerability in the mm/mprotect.c file of the Linux kernel. This vulnerability can be exploited by local users to cause a denial of service throu...