699 matches found
kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions
Integer overflow in the vmatoresize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service BUGON and system crash via a crafted mremap system call that expands a memory mapping...
kernel: nfsd: fix vm overcommit crash
mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIGSECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have...
kernel: nfsd: fix vm overcommit crash
mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have unspecified other impact via unknown...
CentOS 5 : kernel (CESA-2008:0957)
Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 12th November 2008 The original packages distributed wi...
Design/Logic Flaw
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service deadlock and system halt via vectors involving mmap and write operations on...
CVE-2009-2857
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service deadlock and system halt via vectors involving mmap and write operations on...
FreeBSD直接管道写操作本地信息泄露漏洞
BUGTRAQ ID: 35279 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD和其他UNIX类系统上最常见的进程间通讯方式之一是匿名管道。这种机制会创建一对文件描述符,可以从一个描述符读取写入到另一个描述符的数据。 FreeBSD的管道实现中包含名为“直接写入”的优化。在这种优化中,FreeBSD内核利用虚拟内存映射允许直接在进程之间拷贝数据,而不是在调用...
A stack overflow attack and the anti-vulnerability warning-the black bar safety net
Overflow is the security of the network is often a contact to a problem, once there is some kind of overflow vulnerability, the network of thousands of computers will become a Hacker brothers and sisters on the chopping block of meat. Then the overflow in the end is what? This attack method...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.0. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...
Brk vulnerability analysis and remediation-vulnerability and early warning-the black bar safety net
| brk vulnerability analysis A little out of date music at: I hope everyone also can be a little. --- Brk vulnerability analysis by icbm@0x557 1. brk loopholes in the background 2. The vulnerability principle analysis 3. Exploit analysis 4. The vulnerability is caused by thinking Brk vulnerabilit...
Fedora 7 : qemu-0.9.0-4.fc7 (2008-2001)
Ian Jackson discovered that accesses beyond end of qemu emulated disk devices can result in accesses to emulator's virtual memory space accesses and thus can allow user with sufficient privilege in guest root, as this would need modification to kernel's driver to break out of VM...
Fedora 8 : qemu-0.9.0-6.fc8 (2008-1995)
Ian Jackson discovered that accesses beyond end of qemu emulated disk devices can result in accesses to emulator's virtual memory space accesses and thus can allow user with sufficient privilege in guest root, as this would need modification to kernel's driver to break out of VM...
Fedora 8 : kvm-60-2.fc8 (2008-1993)
Ian Jackson discovered that accesses beyond end of qemu emulated disk devices can result in accesses to emulator's virtual memory space accesses and thus can allow user with sufficient privilege in guest root, as this would need modification to kernel's driver to break out of VM...
Hack of the classic tutorial of buffer overflow and decryption(a)-vulnerability warning-the black bar safety net
The buffer overflow weakness was born in the 7 0's. Morris Worm8 0'scan be considered their first public application. From the 9 0's, related document, such as the famous Aleph1's”Smashing the Stack for Fun and Profit”and code has been on the Internet disclosed. This article is about some need to...
CentOS 4 : kernel (CESA-2006:0493)
Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...
Memory corruption
The virtual memory implementation in Linux kernel 2.6.x allows local users to cause a denial of service panic by running lsof a large number of times in a way that produces a heavy system load...
CVE-2006-1862
The CVE-2006-1862 vulnerability affects the Linux kernel 2.6.x virtual memory implementation. It enables a local user to cause a denial of service (panic) by repeatedly running lsof, which can generate a heavy system load. Related advisories (RHSA-2006:0493 / CESA-2006:0493) document this issue a...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...
Hacker attack techniques Summary: The Sniffer listens on the law-vulnerability and early warning-the black bar safety net
One, write the purpose of this article Our forum friends keep posting ask yourself there is no poisoning, is black, or installed some software or do the wrong system settings after the system shows weird errors, but also afraid to re-install the system. System Restore function and defectivesome...
FreeBSD : openvpn -- denial of service: malicious authenticated 'tap' client can deplete server virtual memory (1986449a-8b74-40fa-b7cc-0d8def8aad65)
James Yonan reports : A malicious authenticated client in 'dev tap' ethernet bridging mode could theoretically flood the server with packets appearing to come from hundreds of thousands of different MAC addresses, causing the OpenVPN process to deplete system virtual memory as it expands its...