what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2010-2963

Status Candidate

Overview

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

Related Files

Ubuntu Security Notice USN-1119-1
Posted Apr 20, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1119-1 - Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2010-3849, CVE-2010-3850, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3437, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3861, CVE-2010-3865, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3904, CVE-2010-4072, CVE-2010-4079, CVE-2010-4158, CVE-2010-4164, CVE-2010-4165, CVE-2010-4249
SHA-256 | ee2b27059547517c9b31d6346cedd7eacba9014e9eeb821192ed01e86e778b49
Ubuntu Security Notice USN-1093-1
Posted Mar 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1093-1 - Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. Eric Dumazet discovered that many network functions could leak kernel stack contents. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A large number of additional vulnerabilities have also been address.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2478, CVE-2010-2942, CVE-2010-2943, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3084, CVE-2010-3296, CVE-2010-3297, CVE-2010-3298, CVE-2010-3310, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3477, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858, CVE-2010-3859, CVE-2010-3861
SHA-256 | c0782ec52287eab8561329a78cec59713d72aef79fd6b9dd6d11304a47144159
Ubuntu Security Notice USN-1083-1
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1083-1 - Multiple vulnerabilities have been discovered and addressed in the Linux 2.6 kernel. Al Viro discovered a race condition in the TTY driver. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. Many other issues have also been addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-0435, CVE-2010-2066, CVE-2010-2226, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2537, CVE-2010-2538, CVE-2010-2798, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3084, CVE-2010-3296, CVE-2010-3297
SHA-256 | 54cb1f4aa7b55d1d5bede6d79988ac926e5fd1c698bb4ab072e98146004d10c9
Ubuntu Security Notice USN-1074-2
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-2 - USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
SHA-256 | 4e15776b2f435c92a453d8aac2203f207e854e4b3f906900fe4b4f17ed2e2a0c
Ubuntu Security Notice USN-1074-1
Posted Feb 26, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
SHA-256 | f173020807305076d904d843200bcb5d00acee46687f271c4a2338df4358536b
Mandriva Linux Security Advisory 2010-257
Posted Dec 17, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-257 - The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service via a crafted exec system call, a related issue to CVE-2010-2240. drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. Various other issues have been addressed as well.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, mandriva
advisories | CVE-2010-3858, CVE-2010-2963, CVE-2010-3067, CVE-2010-3442, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850
SHA-256 | 1e230666cbb1fc66c91156a8035fbdbdaca4fbe40c2a8ed95fd1ecd43722fa30
Debian Security Advisory 2126-1
Posted Nov 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2010-2963, CVE-2010-3067, CVE-2010-3296, CVE-2010-3297, CVE-2010-3310, CVE-2010-3432, CVE-2010-3437, CVE-2010-3442, CVE-2010-3448, CVE-2010-3477, CVE-2010-3705, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3858, CVE-2010-3859, CVE-2010-3873, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080
SHA-256 | 652a215cfcfeaef0310226d8335344e5825dd30719bdba2815354e1a411557e6
Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite
Posted Oct 29, 2010
Authored by Kees Cook

Linux kernel arbitrary write memory write via v4l1 compat ioctl exploit.

tags | exploit, arbitrary, kernel
systems | linux
advisories | CVE-2010-2963
SHA-256 | 0fb3fe6114ef493e4fab7053e8a06ac577d72940a2bdde07d3c8602f119bf555
Ubuntu Security Notice 1000-1
Posted Oct 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1000-1 - Various image updates have been provided. Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packets. Various other issues have also been addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2798, CVE-2010-2942, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078
SHA-256 | 6b36ec4068d40a47c3a69616c6e9e4c23c26d91d6ae30534472022bde895c2cc
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close