what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2006-4814

Status Candidate

Overview

The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.

Related Files

VMware Security Advisory 2008-00011
Posted Jul 29, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - Updated ESX service console packages for Samba and vmnix have been released to address several security issues.

tags | advisory
advisories | CVE-2007-5001, CVE-2007-6151, CVE-2007-6206, CVE-2008-0007, CVE-2008-1367, CVE-2008-1375, CVE-2008-1669, CVE-2006-4814, CVE-2008-1105
MD5 | 2c0c4211e094aa9996f6e139c09e1e8b
Debian Linux Security Advisory 1503-2
Posted Mar 12, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1503-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-2731, CVE-2006-4814, CVE-2006-5753, CVE-2006-5823, CVE-2006-6053, CVE-2006-6054, CVE-2006-6106, CVE-2007-1353, CVE-2007-1592, CVE-2007-2172, CVE-2007-2525, CVE-2007-3848, CVE-2007-4308, CVE-2007-4311, CVE-2007-5093, CVE-2007-6063, CVE-2007-6151, CVE-2007-6206
MD5 | 4d782fab669b98a7a56eca8a00c7628d
dsa-1503.txt
Posted Feb 23, 2008
Site debian.org

Debian Security Advisory 1503 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2004-2731, CVE-2006-4814, CVE-2006-5753, CVE-2006-5823, CVE-2006-6053, CVE-2006-6054, CVE-2006-6106, CVE-2007-1353, CVE-2007-1592, CVE-2007-2172, CVE-2007-2525, CVE-2007-3848, CVE-2007-4308, CVE-2007-4311, CVE-2007-5093, CVE-2007-6063, CVE-2007-6151, CVE-2007-6206
MD5 | 3408c11383bf6b8fa21ef8da39900292
Debian Linux Security Advisory 1304-1
Posted Jun 19, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1304-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2005-4811, CVE-2006-4814, CVE-2006-4623, CVE-2006-5753, CVE-2006-5754, CVE-2006-5757, CVE-2006-6053, CVE-2006-6056, CVE-2006-6060, CVE-2006-6106, CVE-2006-6535, CVE-2007-0958, CVE-2007-1357, CVE-2007-1592
MD5 | 1d8a803d6cd25a9ae00f96aa85c482a1
Mandriva Linux Security Advisory 2007.060
Posted Mar 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Many vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The 2.6.17 kernel and earlier, when running on IA64 and SPARC platforms would allow a local user to cause a DoS (crash) via a malformed ELF file. The mincore function in the Linux kernel did not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. An unspecified vulnerability in the listxattr system call, when a "bad inode" is present, could allow a local user to cause a DoS (data corruption) and possibly gain privileges via unknown vectors. The zlib_inflate function allows local users to cause a crash via a malformed filesystem that uses zlib compression that triggers memory corruption. The ext3fs_dirhash function could allow local users to cause a DoS (crash) via an ext3 stream with malformed data structures. When SELinux hooks are enabled, the kernel could allow a local user to cause a DoS (crash) via a malformed file stream that triggers a NULL pointer derefernece. The key serial number collision avoidance code in the key_alloc_serial function in kernels 2.6.9 up to 2.6.20 allows local users to cause a crash via vectors thatr trigger a null dereference. The Linux kernel version 2.6.13 to 2.6.20.1 allowed a remote attacker to cause a DoS (oops) via a crafted NFSACL2 ACCESS request that triggered a free of an incorrect pointer. A local user could read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump; a variant of CVE-2004-1073.

tags | advisory, remote, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2006-4538, CVE-2006-4814, CVE-2006-5753, CVE-2006-5823, CVE-2006-6053, CVE-2006-6056, CVE-2007-0006, CVE-2007-0772, CVE-2007-0958
MD5 | 186a8d105b5a3c8a35936f0a69d24e0a
Ubuntu Security Notice 416-1
Posted Feb 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 416-1 - A large quantity of Linux 2.6 kernel vulnerabilities have been discovered and fixed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-4572, CVE-2006-4814, CVE-2006-5749, CVE-2006-5753, CVE-2006-5755, CVE-2006-5757, CVE-2006-5823, CVE-2006-6053, CVE-2006-6054, CVE-2006-6056, CVE-2006-6057, CVE-2006-6106
MD5 | 1d62b1b3baa4783c7afe8a58fc50fbe3
Mandriva Linux Security Advisory 2007.040
Posted Feb 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4, as well as the 2.6 kernel, does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash. The listxattr syscall can corrupt user space under certain circumstances. The problem seems to be related to signed/unsigned conversion during size promotion. The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures. The mincore function in the Linux kernel before 2.4.33.6, as well as the 2.6 kernel, does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.

tags | advisory, denial of service, kernel, local
systems | linux, mandriva
advisories | CVE-2006-5749, CVE-2006-5753, CVE-2006-6053, CVE-2006-4814
MD5 | fab3fc7d2c5787fc89ce56494a201b64
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close