CVE-2007-0257

The CVE-2007-0257 entry concerns an unspecified vulnerability in the expand_stack function of grsecurity PaX that could allow local privilege escalation. Affected component is the expand_stack function; underlying root cause and concrete exploit vectors are not publicly detailed in the provided d...

CVE-2002-1826

The CVE-2002-1826 issue affects grsecurity 1.9.4 for the Linux kernel (2.4.18). Local users can bypass read-only protections by using mmap to directly map /dev/mem or /dev/kmem into kernel memory, as described in multiple sources (NVD/Red Hat/CVE lists). The connected documents provide the vulner...

CVE-2008-1940

The vulnerability CVE-2008-1940 affects grsecurity RBAC before 2.1.11-2.6.24.5 and 2.1.11-2.4.36.2, where the RBAC feature fails to enforce user_transition_deny and user_transition_allow for the sys_setfsuid and sys_setfsgid calls. This allows local users to bypass restrictions on these calls. Th...

CVE-2007-0253

The available connected documents identify a grsecurity patch vulnerability described as a privilege escalation related to an “expand_stack” issue. The CVE-2007-0253 description in the NVD/NVD-derived entries calls the vulnerability unspecified in impact and vectors, noting the grsecurity develop...

CVE-2006-0228

CVE-2006-0228 involves the RBAC helper in grsecurity prior to 2.1.8, where the admin role can inadvertently remain active after the admin creates a service and exits the shell without unauthenticating. This causes the service to restart with the admin role still active, giving elevated privileges...