what you don't know can hurt you
Showing 1 - 3 of 3 RSS Feed

CVE-2010-1643

Status Candidate

Overview

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors.

Related Files

Mandriva Linux Security Advisory 2010-198
Posted Oct 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-198 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include memory disclosure, denial of service, NULL pointer dereference and privilege escalation issues.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2010-1088, CVE-2009-3228, CVE-2010-0415, CVE-2009-3620, CVE-2010-0622, CVE-2009-2287, CVE-2009-3722, CVE-2009-4308, CVE-2009-2846, CVE-2010-2521, CVE-2008-7256, CVE-2010-1162, CVE-2010-1643, CVE-2010-1173, CVE-2010-1187, CVE-2010-1173, CVE-2010-2248, CVE-2010-2492
MD5 | 996b79c3ea6230e42edec14d92fe4e2d
Mandriva Linux Security Advisory 2010-188
Posted Sep 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-188 - Some vulnerabilities were discovered and corrected in the Linux kernel. fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount symlinks, which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service , and possibly have unspecified other impact by specifying a node that is not part of the kernel node set. Various other issues have been addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2010-1088, CVE-2009-3228, CVE-2010-0415, CVE-2009-3620, CVE-2010-0622, CVE-2009-2287, CVE-2009-3722, CVE-2009-4308, CVE-2009-2846, CVE-2010-2521, CVE-2008-7256, CVE-2010-1162, CVE-2010-1643, CVE-2010-1173, CVE-2010-1187, CVE-2010-1173, CVE-2010-2248, CVE-2010-2492
MD5 | 42035b28e0f8169b22938a802ca0b831
Ubuntu Security Notice 966-1
Posted Aug 6, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 966-1 - Junjiro R. Okajima discovered that knfsd did not correctly handle strict overcommit. Chris Guo, Jukka Taimisto, and Olli Jarva discovered that SCTP did not correctly handle invalid parameters. A remote attacker could send specially crafted traffic that could crash the system, leading to a denial of service. Mario Mikocevic discovered that GFS2 did not correctly handle certain quota structures. Toshiyuki Okajima discovered that the kernel keyring did not correctly handle dead keyrings. Brad Spengler discovered that Sparc did not correctly implement non-executable stacks. This made userspace applications vulnerable to exploits that would have been otherwise blocked due to non-executable memory protections. Dan Rosenberg discovered that the btrfs clone function did not correctly validate permissions. Dan Rosenberg discovered that GFS2 set_flags function did not correctly validate permissions. Shi Weihua discovered that btrfs xattr_set_acl function did not correctly validate permissions. Andre Osterhues discovered that eCryptfs did not correctly calculate hash values.

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2008-7256, CVE-2010-1173, CVE-2010-1436, CVE-2010-1437, CVE-2010-1451, CVE-2010-1636, CVE-2010-1641, CVE-2010-1643, CVE-2010-2071, CVE-2010-2492
MD5 | a79e8c6f8746aab5fd201e02a6291143
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    34 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close