LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-14-2010, 04:10 PM   #196
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel FASYNC Use-After-Free Privilege Escalation Vulnerability


Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to a use-after-free error within the handling of file descriptors with the FASYNC flag set. This can be exploited to e.g. cause a crash or execute arbitrary code with kernel privileges.
Secunia Advisory
 
Old 01-20-2010, 09:40 PM   #197
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel "do_mremap()" Vulnerabilities

Quote:
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

The vulnerabilities are caused due to various problems related to "do_mremap()" and "MREMAP_FIXED", which can be exploited to e.g. cause a system crash on certain architectures.
Secunia Advisory
 
Old 02-03-2010, 12:08 AM   #198
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel 64bit Personality Handling Denial of Service

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when setting the personality of a process, which can be exploited to cause a kernel crash by e.g. executing a 64bit application with a missing ELF interpreter out of a 32bit application and causing a segmentation fault.

Successful exploitation requires a 64bit system and may also require that core dumps are enabled.
Secunia Advisory
 
Old 02-04-2010, 12:12 AM   #199
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel connector Denial of Service Security Issue

Quote:
A security issue has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The security issue is caused due to an error within the notification code in drivers/connector/connector.c, which can be exploited to trigger an out-of-memory condition.
Secunia Advisory
 
Old 02-04-2010, 11:01 PM   #200
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel KVM "pit_ioport_read()" Denial of Service

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a KVM guest to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "pit_ioport_read()" function in arch/x86/kvm/i8254.c, which can be exploited to e.g. crash the KVM host by reading from the "/dev/port" device in a KVM guest.

Successful exploitation may require root privileges in the KVM guest.
Secunia Advisory
 
Old 02-09-2010, 03:07 AM   #201
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel Multiple Vulnerabilities

Quote:
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and potentially gain escalated privileges.

1) A vulnerability is caused due to the "do_pages_move()" function in mm/migrate.c not properly verifying the node values received from userspace, which can be exploited to cause a crash or disclose memory via a specially crafted "move_pages" system call.

2) A vulnerability is caused due to a NULL pointer dereference error within the "wake_futex_pi()" function in kernel/futex.c, which can be exploited to cause a crash and potentially gain escalated privileges.
Secunia Advisory

Last edited by win32sux; 02-10-2010 at 11:27 PM. Reason: Secunia updated the advisory.
 
Old 02-10-2010, 11:29 PM   #202
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel KVM Code Emulation CPL / IOPL Privilege Escalation Vulnerabilities

Quote:
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users in a KVM guest to cause a DoS (Denial of Service) and potentially gain escalated privileges.

The vulnerabilities are caused due to KVM's x86 code emulation functionality not properly checking CPL and IOPL privileges, which can be exploited to execute arbitrary code with escalated privileges.

Successful exploitation may require an SMP guest.
Secunia Advisory
 
Old 02-20-2010, 02:13 AM   #203
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel USB Information Disclosure and Denial of Service

Quote:
A weakness and a vulnerability have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information.

1) The vulnerability is caused due to the "processcompl()" and "processcompl_compat()" functions in drivers/usb/core/devio.c potentially returning kernel memory content to userspace processes, which can be exploited to e.g. disclose potentially sensitive information.

2) The weakness is caused due to a memory leak when handling certain error cases in drivers/usb/core/devio.c, which can be exploited to e.g. cause a DoS due to memory exhaustion.

Note: Successful exploitation requires access to USB userspace devices.
Secunia Advisory
 
Old 02-22-2010, 06:28 AM   #204
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel TCP RTO Calculation Denial of Service

Quote:
A vulnerability has been reported in the Linux kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when calculating retransmission timeouts (RTO), which can be exploited to e.g. cause a high CPU and network load on an affected system.

Successful exploitation may require that TCP timestamps are disabled.

The vulnerability is reported in the 2.6.32.x kernel tree.
Secunia Advisory
 
Old 02-22-2010, 06:29 AM   #205
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel hda-intel Driver "azx_position_ok()" Denial of Service

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a division by zero within the "azx_position_ok()" function in sound/pci/hda/hda_intel.c, which can be exploited to crash the system.

Note: Successful exploitation may require that the hda-intel driver is used.

The vulnerability is reported in version 2.6.32.7 and 2.6.33-rc6 on a system using the AMD780V chipset. Other versions may also be affected.
Secunia Advisory
 
Old 03-09-2010, 05:22 AM   #206
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel Video Output Status Denial of Service

Quote:
A security issue has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The security issue is caused due to an error while reading the status of video output devices on certain ThinkPad platforms. This can be exploited to cause a kernel crash by reading data from /proc/acpi/ibm/video.
Secunia Advisory
 
Old 03-26-2010, 10:56 PM   #207
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel Bluetooth L2CAP Denial of Service

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "l2cap_config_rsp()" function in net/bluetooth/l2cap.c, which can be exploited to cause a kernel crash by sending a specially crafted packet.
Secunia Advisory

Last edited by win32sux; 03-26-2010 at 11:39 PM.
 
Old 04-06-2010, 02:21 AM   #208
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by win32sux View Post
This advisory has been updated to reflect two vulnerabilities.
 
Old 04-06-2010, 02:22 AM   #209
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel r128 NULL Pointer Dereference Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.

The vulnerability is caused due an error in several r128 IOCTL handlers and can be exploited to trigger a NULL-pointer dereference via certain IOCTLs.
Secunia Advisory
 
Old 04-06-2010, 02:23 AM   #210
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel "cifs_create()" NULL Pointer Dereference

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL-pointer dereference error within the "cifs_create()" function in fs/cifs/dir.c. This can be exploited to cause a crash when a file without an associated "nameidata" structure is created.

The vulnerability is reported in version 2.6.29-rc6 and later.
Secunia Advisory
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Kernel 2.4 in Zipslack (Waring: unable to open an initial console | Kernel Panic...) kurtamos Linux - General 2 05-10-2006 12:58 PM
Kernel-Patch Debian Logo 2.6.2 not correctly working for custom kernel 2.6.11 smp deepclutch Debian 3 06-27-2005 03:59 AM
kernel panic: try passing init= option to kernel...installation with Red Hat 9 kergen Linux - Hardware 1 09-30-2004 03:28 AM
are there any vulns for kernel 2.6.5? trax Linux - Security 2 04-24-2004 04:10 PM
snort rules to vulns not yet published zuessh Linux - Security 1 02-12-2004 02:17 PM


All times are GMT -5. The time now is 11:31 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration