LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-08-2012, 04:16 AM   #286
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel KVM KVM_ASSIGN_PCI_DEVICE IOCTL Denial of Service Vulnerability


Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to KVM not properly restricting the KVM_ASSIGN_PCI_DEVICE IOCTL, which can be exploited to stop PCI devices from working by sending specially crafted IOCTLs.
Secunia Advisory
 
Old 01-11-2012, 10:41 PM   #287
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel "igmp_heard_query()" Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "igmp_heard_query()" function (net/ipv4/igmp.c) and can be exploited to cause a kernel crash via specially crafted IGMP queries.
Secunia Advisory
 
Old 01-11-2012, 10:46 PM   #288
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel "xfs_acl_from_disk()" Integer Overflow Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an integer overflow within the "xfs_acl_from_disk()" function (fs/xfs/xfs_acl.c) and can be exploited to corrupt kernel memory.

Successful exploitation requires physical access to systems that automatically mount inserted media devices or that a user is tricked into mounting a malicious filesystem (e.g. USB drives).
Secunia Advisory
 
Old 01-11-2012, 10:52 PM   #289
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel DRM "drm_mode_dirtyfb_ioctl()" Integer Overflow Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

The vulnerability is caused due to an integer overflow error within the "drm_mode_dirtyfb_ioctl()" function (drivers/gpu/drm/crm_crtc.c) and can be exploited to cause a memory corruption by sending specially crafted IOCTLs.
Secunia Advisory
 
Old 01-12-2012, 09:20 PM   #290
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel KVM "syscall" Emulation Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

The vulnerability is caused due to KVM not properly handling the "syscall" instruction (opcode 0f05) in certain CPU modes on certain CPU models, which can be exploited to e.g. crash 32bit guest machines and potentially cause 64bit guest machines to behave incorrectly by running a specially crafted executable.
Secunia Advisory
 
Old 01-23-2012, 03:42 AM   #291
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel "/proc/<pid>/mem" Privilege Escalation Vulnerability

Quote:
A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to the kernel not properly restricting access to "/proc/<pid>/mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process.
Secunia Advisory
 
Old 03-17-2012, 01:07 AM   #292
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel "__split_huge_page()" Race Condition Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine cause a DoS (Denial of Service).

The vulnerability is caused due to a race condition when handling PMD table entries after a "bad pmd" occurs and can be exploited to cause a kernel crash.
Secunia Advisory
 
Old 04-11-2012, 10:21 PM   #293
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel "ext4_fill_flex_info()" Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "ext4_fill_flex_info()" function in fs/ext4/super.c when mounting a file system and can be exploited to cause a division by zero.
Secunia Advisory
 
Old 05-22-2012, 01:42 AM   #294
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel NFSv4 Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling certain NFSv4 responses to ACL attribute requests and can be exploited to e.g. cause a crash by connecting to a malicious NFSv4 server.
Secunia Advisory
 
Old 05-22-2012, 01:43 AM   #295
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel mmap_sem Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a race condition error when holding the mmap_sem lock for reading and can be exploited to cause a crash.

Successful exploitation requires that a 64-bit system is used.
Secunia Advisory
 
Old 05-27-2012, 03:21 PM   #296
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Linux Kernel Huge Pages Memory Leak Denial of Service Vulnerability

Quote:
A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a memory leak within the handling of huge pages and can be exploited to exhaust available memory resulting in various processes being terminated and a kernel panic.

Successful exploitation requires the kernel to be configured with the CONFIG_HUGETLB_PAGE feature.
Secunia Advisory
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Kernel 2.4 in Zipslack (Waring: unable to open an initial console | Kernel Panic...) kurtamos Linux - General 2 05-10-2006 12:58 PM
Kernel-Patch Debian Logo 2.6.2 not correctly working for custom kernel 2.6.11 smp deepclutch Debian 3 06-27-2005 03:59 AM
kernel panic: try passing init= option to kernel...installation with Red Hat 9 kergen Linux - Hardware 1 09-30-2004 03:28 AM
are there any vulns for kernel 2.6.5? trax Linux - Security 2 04-24-2004 04:10 PM
snort rules to vulns not yet published zuessh Linux - Security 1 02-12-2004 02:17 PM


All times are GMT -5. The time now is 04:58 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration