Debian Security Advisory 1503-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
602da77c5b44f4181dfa36960a7570c87107eb6246c70e7a244984342052d16eDebian Security Advisory 1504 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
d9234e89f15889ca0ed30e9932d41bab7de4afb38fb3aa7aca4a51d6e95b9ab4Debian Security Advisory 1503 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
ca21d0f18806b9246b54ef9e7a73dafa480db06ba59e7da8217f46ad1652f53eVMware Security Advisory - This patch fixes a flaw in how the aacraid SCSI driver checked IOCTL command permissions. This flaw might allow a local user on the service console to cause a denial of service or gain privileges. Alin Rad Pop of Secunia Research found a stack buffer overflow flaw in the way Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash or to execute arbitrary code with the permissions of the Samba server. Chris Evans of the Google security research team discovered an integer overflow issue with the way Python's Perl-Compatible Regular Expression (PCRE) module handled certain regular expressions. If a Python application used the PCRE module to compile and execute untrusted regular expressions, it might be possible to cause the application to crash, or to execute arbitrary code with the privileges of the Python interpreter.
af87f71c42e6aa0e473a56dc13773e081ca262c64e1a2f396e37c8aeff184654Mandriva Linux Security Advisory - The compat_sys_mount function in fs/compat.c allowed local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode. The nf_conntrack function in netfilter did not set nfctinfo during reassembly of fragmented packets, which left the default value as IP_CT_ESTABLISHED and could allow remote attackers to bypass certain rulesets using IPv6 fragments. A typo in the Linux kernel caused RTA_MAX to be used as an array size instead of RTN_MAX, which lead to an out of bounds access by certain functions. The IPv6 protocol allowed remote attackers to cause a denial of service via crafted IPv6 type 0 route headers that create network amplification between two routers. The random number feature did not properly seed pools when there was no entropy, or used an incorrect cast when extracting entropy, which could cause the random number generator to provide the same values after reboots on systems without an entropy source. A memory leak in the PPPoE socket implementation allowed local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized. An integer underflow in the cpuset_tasks_read function, when the cpuset filesystem is mounted, allowed local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file. The sctp_new function in netfilter allowed remote attackers to cause a denial of service by causing certain invalid states that triggered a NULL pointer dereference. A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size. The lcd_write function did not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). The Linux kernel allowed local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die which delivered an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer ioctl patch in aacraid did not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges. The IA32 system call emulation functionality, when running on the x86_64 architecture, did not zero extend the eax register after the 32bit entry path to ptrace is used, which could allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
64832840334304a0ea0bb133dcd8a2e85f8bbea606fab02ea59dc6a77f2fed01Mandriva Linux Security Advisory - A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size. The lcd_write function did not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). The decode_choice function allowed remote attackers to cause a denial of service (crash) via an encoded out-of-range index value for a choice field which triggered a NULL pointer dereference. The Linux kernel allowed local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die which delivered an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer ioctl patch in aacraid did not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges. The IA32 system call emulation functionality, when running on the x86_64 architecture, did not zero extend the eax register after the 32bit entry path to ptrace is used, which could allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
7396d5929f8b6a093c3146935c5a3292400cad621bbfd5eb7745201a2c3287b1Debian Security Advisory 1363-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
d5972fd85fbf1afaad38fdca77c8deaa6dfbbe2c955a9fdc5c8d980656e91d62Ubuntu Security Notice 510-1 - Over a dozen vulnerabilities have been patched for the Linux 2.6 kernel.
21fabc8fb2c2e9a3e0a87e1d2e913ac768883fe6234b59106196e45a91e0c082Ubuntu Security Notice 508-1 - A slew of vulnerabilities have been patched for the Linux 2.6 kernel.
87ae50998bd938c21c37b4b0a93fe304a39b0322176f3d333842f6228c511d7aUbuntu Security Notice 509-1 - The Linux 2.6 kernel series suffers from multiple vulnerabilities. A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. A flaw was discovered in the usblcd driver. A local attacker could cause large amounts of kernel memory consumption, leading to a denial of service. It was discovered that certain setuid-root processes did not correctly reset process death signal handlers. A local user could manipulate this to send signals to processes they would not normally have access to. The Direct Rendering Manager for the i915 driver could be made to write to arbitrary memory locations. An attacker with access to a running X11 session could send a specially crafted buffer and gain root privileges. It was discovered that the aacraid SCSI driver did not correctly check permissions on certain ioctls. A local attacker could cause a denial of service or gain privileges.
739b16d5c2a6a6a15dde4c79a2547109bddace7cde6d485d1b7a618484a247e2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed