what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2008-1675

Status Candidate

Overview

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

Related Files

Mandriva Linux Security Advisory 2008-167
Posted Aug 13, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel package.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2008-2136, CVE-2008-2148, CVE-2008-2358, CVE-2008-2750, CVE-2008-1615, CVE-2008-2826, CVE-2008-1375, CVE-2008-1675, CVE-2008-1669
SHA-256 | a22bc116b2abbe7adc279c9653623c50268cacda2c1139b16c87517248f69822
Mandriva Linux Security Advisory 2008-109
Posted Jun 4, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory. Additionally, some fixes were made, related to: iwlwifi (small bug interacting with drakconnect interface detection), brightness handling on EeePc, uvcvideo on Thinkpad X300, sound for TOSHIBA Satellite Pro A200 and A210, RealTek 8169 ethernet, unionfs, and more.

tags | advisory, kernel, local
systems | linux, mandriva
advisories | CVE-2008-1675
SHA-256 | e2c7f9ca31e1a830b26d32bb28c2e8bd202c4a3b98b402586a4f6a9c2ef72fb1
Ubuntu Security Notice 614-1
Posted Jun 4, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 614-1 - It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. A race condition was discovered between dnotify fcntl() and close() in the kernel. If a local attacker performed malicious dnotify requests, they could cause memory consumption leading to a denial of service, or possibly send arbitrary signals to any process. On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. The tehuti network driver did not correctly handle certain IO functions. A local attacker could perform malicious requests to the driver, potentially accessing kernel memory, leading to privilege escalation or access to private system information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2007-6694, CVE-2008-1375, CVE-2008-1669, CVE-2008-1675
SHA-256 | ca2f984d27aa5deee1f3c6719dc2cd35d3ea868489fb3ea00ecf5c0f4810bbeb
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close