LinuxQuestions.org

Kernel Vulns (https://www.linuxquestions.org/questions/linux-security-4/kernel-vulns-399624/)

win32sux 01-08-2012 04:16 AM

Linux Kernel KVM KVM_ASSIGN_PCI_DEVICE IOCTL Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to KVM not properly restricting the KVM_ASSIGN_PCI_DEVICE IOCTL, which can be exploited to stop PCI devices from working by sending specially crafted IOCTLs.
Secunia Advisory

win32sux 01-11-2012 10:41 PM

Linux Kernel "igmp_heard_query()" Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "igmp_heard_query()" function (net/ipv4/igmp.c) and can be exploited to cause a kernel crash via specially crafted IGMP queries.
Secunia Advisory

win32sux 01-11-2012 10:46 PM

Linux Kernel "xfs_acl_from_disk()" Integer Overflow Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an integer overflow within the "xfs_acl_from_disk()" function (fs/xfs/xfs_acl.c) and can be exploited to corrupt kernel memory.

Successful exploitation requires physical access to systems that automatically mount inserted media devices or that a user is tricked into mounting a malicious filesystem (e.g. USB drives).
Secunia Advisory

win32sux 01-11-2012 10:52 PM

Linux Kernel DRM "drm_mode_dirtyfb_ioctl()" Integer Overflow Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

The vulnerability is caused due to an integer overflow error within the "drm_mode_dirtyfb_ioctl()" function (drivers/gpu/drm/drm_crtc.c) and can be exploited to cause a memory corruption by sending specially crafted IOCTLs.
Secunia Advisory

win32sux 01-12-2012 09:20 PM

Linux Kernel KVM "syscall" Emulation Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

The vulnerability is caused due to KVM not properly handling the "syscall" instruction (opcode 0f05) in certain CPU modes on certain CPU models, which can be exploited to e.g. crash 32bit guest machines and potentially cause 64bit guest machines to behave incorrectly by running a specially crafted executable.
Secunia Advisory

win32sux 01-23-2012 03:42 AM

Linux Kernel "/proc/<pid>/mem" Privilege Escalation Vulnerability
 
Quote:

A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to the kernel not properly restricting access to the "/proc/<pid>/mem" file, which can be exploited to gain escalated privileges by e.g. writing into the memory of a privileged process.
Secunia Advisory

win32sux 03-17-2012 01:07 AM

Linux Kernel "__split_huge_page()" Race Condition Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

The vulnerability is caused due to a race condition when handling PMD table entries after a "bad pmd" occurs and can be exploited to cause a kernel crash.
Secunia Advisory

win32sux 04-11-2012 10:21 PM

Linux Kernel "ext4_fill_flex_info()" Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "ext4_fill_flex_info()" function in fs/ext4/super.c when mounting a file system and can be exploited to cause a division by zero.
Secunia Advisory

win32sux 05-22-2012 01:42 AM

Linux Kernel NFSv4 Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling certain NFSv4 responses to ACL attribute requests and can be exploited to e.g. cause a crash by connecting to a malicious NFSv4 server.
Secunia Advisory

win32sux 05-22-2012 01:43 AM

Linux Kernel mmap_sem Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a race condition error when holding the mmap_sem lock for reading and can be exploited to cause a crash.

Successful exploitation requires that a 64-bit system is used.
Secunia Advisory

win32sux 05-27-2012 03:21 PM

Linux Kernel Huge Pages Memory Leak Denial of Service Vulnerability
 
Quote:

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a memory leak within the handling of huge pages and can be exploited to exhaust available memory resulting in various processes being terminated and a kernel panic.

Successful exploitation requires the kernel to be configured with the CONFIG_HUGETLB_PAGE feature.
Secunia Advisory


All times are GMT -5.