what you don't know can hurt you
Showing 1 - 5 of 5 RSS Feed

CVE-2010-4081

Status Candidate

Overview

The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.

Related Files

Ubuntu Security Notice USN-1202-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Various other issues were also addressed.

tags | exploit, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4081, CVE-2010-3296, CVE-2010-3297, CVE-2010-3858, CVE-2010-3859, CVE-2010-3874, CVE-2010-3880, CVE-2010-4073, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4169, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4248, CVE-2010-4256, CVE-2010-4565, CVE-2010-4649, CVE-2010-4655
MD5 | 2daff38dec5e5b4254f2f5b46b1f6f9e
Ubuntu Security Notice USN-1164-1
Posted Jul 6, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1164-1 - Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Dan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2010-4081, CVE-2010-3865, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4164, CVE-2010-4248, CVE-2010-4258, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4529, CVE-2010-4565, CVE-2010-4655, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0711, CVE-2011-0712, CVE-2011-1017
MD5 | e70bdd0acf312c2b66cea08dc84f7849
Ubuntu Security Notice USN-1073-1
Posted Feb 26, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1073-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. Dan Rosenberg discovered that the USB subsystem did not correctly initialize certain structures. Various other issues have also been addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-0435, CVE-2010-3448, CVE-2010-3698, CVE-2010-3859, CVE-2010-3865, CVE-2010-3873, CVE-2010-3874, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4165, CVE-2010-4169, CVE-2010-4248, CVE-2010-4249
MD5 | 8305a1531c118605c29aeddacbcfebd2
Ubuntu Security Notice USN-1072-1
Posted Feb 26, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1072-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. Various other issues have also been addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-0435, CVE-2010-2943, CVE-2010-3296, CVE-2010-3297, CVE-2010-3448, CVE-2010-3698, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4072, CVE-2010-4074, CVE-2010-4078, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4248
MD5 | 27c3f06a2a4304897f036ea3734a09ea
Ubuntu Security Notice USN-1071-1
Posted Feb 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1071-1 - Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3086, CVE-2010-3859, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3880, CVE-2010-4078, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160
MD5 | c92ade2a6d6618f6e93dbb1f640445c6
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close