Grsecurity Kernel Patch Security Vulnerabilities and Issues — Grsecurity Kernel Patch CVE List

Lucene search

GrsecurityGrsecurity Kernel Patch

5 matches found

CVE•added 2007/01/16 11:28 p.m.•52 views

CVE-2007-0257

Unspecified vulnerability in the expand_stack function in grsecurity PaX allows local users to gain privileges via unspecified vectors. NOTE: the grsecurity developer has disputed this issue, stating that "the function they claim the vulnerability to be in is a trivial function, which can, and has ...

7.8CVSS6.7AI score0.00137EPSS

CVE•added 2005/06/28 4:0 a.m.•44 views

CVE-2002-1826

grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory.

4.6CVSS6.7AI score0.00085EPSS

CVE•added 2007/01/16 11:28 p.m.•41 views

CVE-2007-0253

Unspecified vulnerability in the grsecurity patch has unspecified impact and remote attack vectors, a different vulnerability than the expand_stack vulnerability from the Digital Armaments 20070110 pre-advisory. NOTE: the grsecurity developer has disputed this issue, stating that "the function they...

7.2CVSS6.6AI score0.00054EPSS

CVE•added 2008/04/25 6:5 a.m.•38 views

CVE-2008-1940

The RBAC functionality in grsecurity before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2 does not enforce user_transition_deny and user_transition_allow rules for the (1) sys_setfsuid and (2) sys_setfsgid calls, which allows local users to bypass restrictions for those calls.

4.6CVSS6.4AI score0.00069EPSS

CVE•added 2006/01/17 9:3 p.m.•30 views

CVE-2006-0228

The RBAC functionality in grsecurity before 2.1.8 does not properly handle when the admin role creates a service and then exits the shell without unauthenticating, which causes the service to be restarted with the admin role still active.

7.2CVSS6.5AI score0.00055EPSS