Ubuntu Security Notice 1244-1 - Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
e4754fa6724234d333d49b5c5ae6f7479b66f52067e7648702db16544a280bcdUbuntu Security Notice 1119-1 - Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel.
ee2b27059547517c9b31d6346cedd7eacba9014e9eeb821192ed01e86e778b49Ubuntu Security Notice 1073-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certain structures. Various other issues have also been addressed.
6ba8f6c6dc8aeeea6fd8953752f7beab7c32ebb9e112702d7ac851c16c79263aUbuntu Security Notice 1072-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. Various other issues have also been addressed.
812b3e28ec2f6132fd1f95415c8a0227bd33b2de0533cab3591015f15aead3cbUbuntu Security Notice 1071-1 - Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Various other issues were also addressed.
138f0d9acd9028b53e4c02afea0172fcf4090c982287a6d77f401f9155e9023bMandriva Linux Security Advisory 2011-029 - Multiple vulnerabilities have been discovered and fixed in the Linux 2.6 kernel. The X.25 implementation does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed data, a different vulnerability than CVE-2010-4164. The bcm_connect function Broadcast Manager in the Controller Area Network implementation in the Linux creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename. The install_special_mapping function in mm/mmap.c does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. Various other issues have also been addressed.
65f216d797172b0ef5fb798cc0c6bfad2e1a9bea20f92874be16068901dbc644Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
652a215cfcfeaef0310226d8335344e5825dd30719bdba2815354e1a411557e6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed