Old 07-28-2011, 12:14 AM   #271
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 379
Linux Kernel Xtensa "ptrace_setxregs()" Memory Disclosure Weakness


Quote:
A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.

The weakness is caused due to the "ptrace_setxregs()" function in arch/xtensa/kernel/ptrace.c not properly verifying the provided pointers, which can be exploited to disclose kernel memory.

NOTE: This only affects the Xtensa architecture.
Secunia Advisory
 
Old 07-29-2011, 10:43 AM   #272
win32sux
Linux Kernel GRO "skb_gro_header_slow()" Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "skb_gro_header_slow()" function (include/linux/netdevice.h), which can be exploited to cause a crash.

Successful exploitation requires that GRO (Generic Receive Offload) is used.
Secunia Advisory
 
Old 08-13-2011, 12:02 AM   #273
win32sux
Linux Kernel "perf" Privilege Escalation Weakness

Quote:
A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.

The weakness is caused due to the perf utility loading the configuration file from the current directory, which can be exploited to e.g. gain escalated privileges by tricking a user into running the perf utility in a directory containing a malicious configuration file.
Secunia Advisory
 
Old 08-17-2011, 01:41 AM   #274
win32sux
Linux Kernel Event Overflows Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the handling of software event overflows, which can be exploited to cause a crash via a specially crafted application.
Secunia Advisory
 
Old 08-25-2011, 09:52 AM   #275
win32sux
Linux Kernel "CIFSFindNext()" Signedness Error Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a signedness error within the "CIFSFindNext()" function (fs/cifs/cifssmb.c), which can be exploited to e.g. crash a client by sending specially crafted CIFS messages.

Successful exploitation requires that a malicious server is used.
Secunia Advisory
 
Old 09-20-2011, 03:02 AM   #276
win32sux
Linux Kernel CIFS DFS Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when mounting CIFS shares with certain DFS referrals, which can be exploited to trigger a "BUG_ON()" in a client by tricking the victim into mounting from a malicious server.
Secunia Advisory
 
Old 10-18-2011, 03:04 AM   #277
win32sux
Linux Kernel "apparmor_setprocattr()" Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the "apparmor_setprocattr()" function (security/apparmor/lsm.c), which can be exploited to trigger a "BUG_ON()" if a process writes malformed data to its "/attr/current" proc file.
Secunia Advisory
 
Old 10-25-2011, 03:24 AM   #278
win32sux
Linux Kernel ext4 Extent Splitting Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

An error within the implementation of the ext4 file system when splitting extents can be exploited to cause a "BUG_ON()".

The vulnerability is reported in version 2.6.39.4. Other versions may also be affected.
Secunia Advisory
 
Old 10-27-2011, 02:07 AM   #279
win32sux
Linux Kernel ghash NULL Pointer Dereference Vulnerability

Quote:
A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL pointer dereference error within the implementation of the GHASH algorithm, which can be exploited to e.g. cause a crash via a specially crafted application.

The vulnerability is confirmed in version 2.6.39.4. Other versions may also be affected.
Secunia Advisory
 
Old 10-27-2011, 02:12 AM   #280
win32sux
Linux Kernel XFS "xfs_readlink()" Buffer Overflow Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

The vulnerability is caused due to a boundary error within the "xfs_readlink()" function (fs/xfs/xfs_vnodeops.c) and can be exploited to cause a buffer overflow via a specially crafted XFS image.
Secunia Advisory
 
Old 11-15-2011, 03:38 AM   #281
win32sux
Linux Kernel "journal_get_superblock()" Denial of Service Vulnerabilities

Quote:
Two vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerabilities are caused due to an error within the "journal_get_superblock()" functions (fs/jbd/journal.c and fs/jbd2/journal.c) and can be exploited to trigger a "BUG_ON()" by e.g. mounting specially crafted ext3 images.
Secunia Advisory
 
Old 11-15-2011, 03:40 AM   #282
win32sux
Linux Kernel NFSv4 Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error when handling certain NFSv4 responses to ACL attribute requests, which can be exploited to e.g. cause a crash by connecting to a malicious NFSv4 server.
Secunia Advisory
 
Old 12-14-2011, 01:00 AM   #283
win32sux
Linux Kernel B.A.T.M.A.N. "bat_socket_read()" Buffer Overflow Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error within the "bat_socket_read()" function (net/batman/icmp_socket.c), which can be exploited to cause a userspace buffer overflow by sending specially crafted packets to a vulnerable system.

The vulnerability is reported in version 2.6.39.4. Other versions may also be affected.
Secunia Advisory
 
Old 12-25-2011, 01:38 AM   #284
win32sux
Linux Kernel KVM PIT Denial of Service Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the "create_pit_timer()" function (arch/x86/kvm/i8254.c) when configuring a Programmable Interrupt Timer (PIT) and can be exploited to cause a NULL pointer dereference resulting in the crash of a host.
Secunia Advisory
 
Old 12-25-2011, 01:42 AM   #285
win32sux
Linux Kernel "SG_IO" SCSI IOCTL Privilege Escalation Vulnerability

Quote:
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users and malicious, local users in a guest virtual machine to gain escalated privileges.

The vulnerability is caused due to SG_IO SCSI IOCTL commands being passed down to the block device without properly honoring access restrictions to e.g. single partitions or LVM volumes. This can e.g. be exploited by a privileged guest user in certain virtualisation setups to read from or write to the host's block device.
Secunia Advisory
 
All times are GMT -5.