Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

USN-2224-1: Linux kernel (Raring HWE) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

USN-2223-1: Linux kernel (Quantal HWE) vulnerabilities

Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. CVE-2014-1738 Matthew Daley reported a flaw in the handling of ioctl commands by the floppy...

qemu-kvm security, bug fix, and enhancement update

qemu-kvm-0.12.1.2-2.415.el6 - kvm-target-i386-don-t-migrate-steal-time-MSR-on-older-ma.patch bz1022821 - Resolves: bz1022821 live-migration from RHEL6.5 to RHEL6.4.z fails with 'error while loading state for instance 0x0 of device 'cpu'' 0.12.1.2-2.414.el6 -...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2022)

Description of changes: Avoid bug caused by corrupted Ext4 filesystem. When mounting an ext4 filesystem, the kernel was not checking for zero length extents. This would cause a BUGON assertion failure in the log. NULL pointer dereference in the SCSI subsystem. A NULL dereference may occur if a SC...

FreeBSD -- Privilege escalation via mmap

Due to insufficient permission checks in the virtual memory system, a tracing process such as a debugger may be able to modify portions of the traced process's address space to which the traced process itself does not have write access...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

the Xen implementation did not prevent applications running in a para-virtualized guest from modifying CR4 TSC. This could cause a local denial of service. CVE-2007-5907, Important - Tavis Ormandy reported missing boundary checks in the Virtual Dynamic Shared Objects vDSO implementation. This...

PHP 5.3.8 - Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NULL Pointer Dereference with...

kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions

Integer overflow in the vmatoresize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service BUGON and system crash via a crafted mremap system call that expands a memory mapping...

kernel: nfsd: fix vm overcommit crash

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIGSECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have...

kernel: nfsd: fix vm overcommit crash

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service NULL pointer dereference and knfsd crash or possibly have unspecified other impact via unknown...

CentOS 5 : kernel (CESA-2008:0957)

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 12th November 2008 The original packages distributed wi...

Design/Logic Flaw

The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service deadlock and system halt via vectors involving mmap and write operations on...

CVE-2009-2857

The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service deadlock and system halt via vectors involving mmap and write operations on...

FreeBSD直接管道写操作本地信息泄露漏洞

BUGTRAQ ID: 35279 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 FreeBSD和其他UNIX类系统上最常见的进程间通讯方式之一是匿名管道。这种机制会创建一对文件描述符，可以从一个描述符读取写入到另一个描述符的数据。 FreeBSD的管道实现中包含名为“直接写入”的优化。在这种优化中，FreeBSD内核利用虚拟内存映射允许直接在进程之间拷贝数据，而不是在调用...

A stack overflow attack and the anti-vulnerability warning-the black bar safety net

Overflow is the security of the network is often a contact to a problem, once there is some kind of overflow vulnerability, the network of thousands of computers will become a Hacker brothers and sisters on the chopping block of meat. Then the overflow in the end is what? This attack method...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.0. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

Brk vulnerability analysis and remediation-vulnerability and early warning-the black bar safety net

| brk vulnerability analysis A little out of date music at: I hope everyone also can be a little. --- Brk vulnerability analysis by icbm@0x557 1. brk loopholes in the background 2. The vulnerability principle analysis 3. Exploit analysis 4. The vulnerability is caused by thinking Brk vulnerabilit...

Fedora 7 : qemu-0.9.0-4.fc7 (2008-2001)

Ian Jackson discovered that accesses beyond end of qemu emulated disk devices can result in accesses to emulator's virtual memory space accesses and thus can allow user with sufficient privilege in guest root, as this would need modification to kernel's driver to break out of VM...

Fedora 8 : qemu-0.9.0-6.fc8 (2008-1995)

Ian Jackson discovered that accesses beyond end of qemu emulated disk devices can result in accesses to emulator's virtual memory space accesses and thus can allow user with sufficient privilege in guest root, as this would need modification to kernel's driver to break out of VM...