exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2010-3880

Status Candidate

Overview

net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.

Related Files

VMware Security Advisory 2011-0012
Posted Oct 14, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0012 - VMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.

tags | advisory
advisories | CVE-2010-0296, CVE-2010-1083, CVE-2010-1323, CVE-2010-2492, CVE-2010-2798, CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015, CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086, CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075
SHA-256 | 7fd5e9259774393a258a0c189d667e06ba833c9fb8b0cd11fa8fb35727aecafa
Ubuntu Security Notice USN-1202-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Various other issues were also addressed.

tags | exploit, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4081, CVE-2010-3296, CVE-2010-3297, CVE-2010-3858, CVE-2010-3859, CVE-2010-3874, CVE-2010-3880, CVE-2010-4073, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4169, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4248, CVE-2010-4256, CVE-2010-4565, CVE-2010-4649, CVE-2010-4655
SHA-256 | b470551b1de773c77d363adf5b0cb1910cc8654d0405c8a191ad8f00fd5d2535
Ubuntu Security Notice USN-1187-1
Posted Aug 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1187-1 - It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2010-3698, CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3881, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4079, CVE-2010-4083, CVE-2010-4163, CVE-2010-4248, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4529, CVE-2010-4565, CVE-2010-4649, CVE-2010-4656, CVE-2010-4668, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0711, CVE-2011-0712, CVE-2011-0726
SHA-256 | a19be41338e6dd32d9108d32eb9499a6fb77d0e0338c29273697babba2520b9a
Ubuntu Security Notice USN-1167-1
Posted Jul 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1167-1 - Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2010-3859, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4158, CVE-2010-4162, CVE-2010-4163, CVE-2010-4164, CVE-2010-4165, CVE-2010-4169, CVE-2010-4175, CVE-2010-4243, CVE-2010-4248, CVE-2010-4249, CVE-2010-4256, CVE-2010-4258, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4529, CVE-2010-4565, CVE-2010-4649, CVE-2010-4668, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695
SHA-256 | 8526a398ece12352476245b529d050abf1036c6d1dbd6b2e79564438cb5f197c
Ubuntu Security Notice USN-1164-1
Posted Jul 6, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1164-1 - Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2010-4081, CVE-2010-3865, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4164, CVE-2010-4248, CVE-2010-4258, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4529, CVE-2010-4565, CVE-2010-4655, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0711, CVE-2011-0712, CVE-2011-1017
SHA-256 | 4e4395012a3efacb0412aff2ad1192af5495aeffbe292f807d0de267e1af68f2
Ubuntu Security Notice USN-1080-2
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1080-2 - USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for use with EC2. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4248, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
SHA-256 | 107de034a7af2d41a45827953ec1ce82649b41382c00f917b580abc858073a6c
Ubuntu Security Notice USN-1081-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1081-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. It was discovered that KVM did not correctly initialize certain CPU registers. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3698, CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4079, CVE-2010-4083, CVE-2010-4248, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
SHA-256 | d8345350ee5fcccf7db501dc22e7fa3c03ec4d5ee8994a838c926a6f1424f8c6
Ubuntu Security Notice USN-1080-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1080-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4248, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
SHA-256 | c71487823755634861f489d8726738a989e9ca187336d6c2634366b8d23bd557
Ubuntu Security Notice USN-1073-1
Posted Feb 26, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1073-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certain structures. Various other issues have also been addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-0435, CVE-2010-3448, CVE-2010-3698, CVE-2010-3859, CVE-2010-3865, CVE-2010-3873, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4165, CVE-2010-4169, CVE-2010-4248, CVE-2010-4249
SHA-256 | 6ba8f6c6dc8aeeea6fd8953752f7beab7c32ebb9e112702d7ac851c16c79263a
Ubuntu Security Notice USN-1072-1
Posted Feb 26, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1072-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. Various other issues have also been addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-0435, CVE-2010-2943, CVE-2010-3296, CVE-2010-3297, CVE-2010-3448, CVE-2010-3698, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4072, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4248
SHA-256 | 812b3e28ec2f6132fd1f95415c8a0227bd33b2de0533cab3591015f15aead3cb
Ubuntu Security Notice USN-1071-1
Posted Feb 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1071-1 - Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3086, CVE-2010-3859, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3880, CVE-2010-4078, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160
SHA-256 | 138f0d9acd9028b53e4c02afea0172fcf4090c982287a6d77f401f9155e9023b
Debian Security Advisory 2126-1
Posted Nov 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2010-2963, CVE-2010-3067, CVE-2010-3296, CVE-2010-3297, CVE-2010-3310, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3448, CVE-2010-3477, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858, CVE-2010-3859, CVE-2010-3873, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080
SHA-256 | 652a215cfcfeaef0310226d8335344e5825dd30719bdba2815354e1a411557e6
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close