12 matches found
EUVD-2009-1878
Malware in sbrugna...
SUSE CVE-2009-1883
The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...
Linux Kernel z90crypt驱动本地权限提升漏洞
CVE ID: CVE-2009-1883 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的z90crypt驱动中的z90cryptunlockedioctl函数没有对Z90QUIESCE操作执行权限检查,这可能允许拥有有效用户ID(euid)为0的本地用户绕过预期的功能限制,执行非授权操作。 Linux kernel 2.6.9 厂商补丁: RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2009:1438-01)以及相应补丁: RHSA-2009:1438-01:Important: kernel...
Design/Logic Flaw
The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...
CVE-2009-1883
The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...
CVE-2009-1883
The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...
CVE-2009-1883
The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...
CVE-2009-1883
CVE-2009-1883 affects the Linux kernel z90crypt driver, where a missing capability check in the z90crypt_unlocked_ioctl for the Z90QUIESCE operation can let a local user with an effective UID of 0 bypass restrictions, potentially forcing a driver outage and enabling privilege escalation. The issu...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 21st July 2010 Added links to KBase articles expanding on three...
kernel: missing capability check in z90crypt
The z90cryptunlockedioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage...
RedHat Security Advisory RHSA-2009:1438
The remote host is missing updates to the Linux kernel announced in advisory RHSA-2009:1438. This update fixes the following security issues: the ADDRCOMPATLAYOUT and MMAPPAGEZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw t...
RedHat Security Advisory RHSA-2009:1438
The remote host is missing updates to the Linux kernel announced in advisory RHSA-2009:1438. This update fixes the following security issues: the ADDRCOMPATLAYOUT and MMAPPAGEZERO flags were not cleared when a setuid or setgid program was executed. A local, unprivileged user could use this flaw t...