what you don't know can hurt you
Showing 1 - 7 of 7 RSS Feed

CVE-2011-1010

Status Candidate

Overview

Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table.

Related Files

Ubuntu Security Notice USN-1204-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1204-1 - Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3859, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4251, CVE-2010-4526, CVE-2010-4649, CVE-2010-4668, CVE-2010-4805, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1020, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1082, CVE-2011-1090, CVE-2011-1093
MD5 | d372af01183a028bf3bd3528a3aab84f
Ubuntu Security Notice USN-1186-1
Posted Aug 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1186-1 - Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Vladymyr Denysov discovered that Xen virtual CD-ROM devices were not handled correctly. A local attacker in a guest could make crafted blkback requests that would crash the host, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4073, CVE-2010-4165, CVE-2010-4238, CVE-2010-4249, CVE-2010-4649, CVE-2011-0711, CVE-2011-1010, CVE-2011-1044, CVE-2011-1090, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-2484, CVE-2011-2534
MD5 | c5e74b8176fba1d422fe47aa4c8e7658
Ubuntu Security Notice USN-1160-1
Posted Jun 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1160-1 - Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc filesystem. A local attacker could use this to increase the chances of a successful memory corruption exploit. Kees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. Various other issues were also addressed.

tags | advisory, x86, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4529, CVE-2010-4565, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0711, CVE-2011-0712, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1016, CVE-2011-1017, CVE-2011-1019, CVE-2011-1082, CVE-2011-1083, CVE-2011-1169, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1593, CVE-2011-1745, CVE-2011-1748, CVE-2011-2022
MD5 | 0b27c7685536805308dcb14221dc34a5
Red Hat Security Advisory 2011-0883-01
Posted Jun 22, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0883-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update includes backported fixes for security issues. These issues, except for CVE-2011-1182, only affected users of Red Hat Enterprise Linux 6.0 Extended Update Support as they have already been addressed for users of Red Hat Enterprise Linux 6 in the 6.1 update, RHSA-2011:0542. Security fixes: Buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2010-3881, CVE-2010-4251, CVE-2010-4805, CVE-2011-0999, CVE-2011-1010, CVE-2011-1082, CVE-2011-1090, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495
MD5 | 4a6ae8c3495f4a85a880c7b44a2338fb
Debian Security Advisory 2264-1
Posted Jun 19, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2264-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2010-2524, CVE-2010-3875, CVE-2010-4075, CVE-2010-4655, CVE-2011-0695, CVE-2011-0710, CVE-2011-0711, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1017, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1090, CVE-2011-1093, CVE-2011-1160, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1180, CVE-2011-1182, CVE-2011-1477, CVE-2011-1493, CVE-2011-1577, CVE-2011-1593
MD5 | e4fc6508acdcc4816d4b46bbbcd75992
Ubuntu Security Notice USN-1141-1
Posted Jun 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1141-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also discovered.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4243, CVE-2010-4263, CVE-2010-4342, CVE-2010-4529, CVE-2010-4565, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0712, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1016, CVE-2011-1019, CVE-2011-1082, CVE-2011-1083, CVE-2011-1182
MD5 | d6c70609f84935148b2bd6cac1ed0dc2
Linux 2.4 / 2.6 Privilege Escalation / Denial Of Service
Posted Feb 23, 2011
Site pre-cert.de

PRE-CERT Security Advisory - Both the 2.4 and 2.6 Linux kernels have multiple vulnerabilities. A buffer overflow bug in mac_partition in fs/partitions/mac.c (for MAC partition tables) allows for a denial-of-service (kernel panic) condition via a corrupted MAC partition table. A division-by-zero bug in ldm_get_vblks in fs/partitions/ldm.c (for LDM partition tables) allows a denial-of-service (kernel oops) condition via a corrupted LDM partition table. A buffer overflow bug in ldm_frag_add in fs/partitions/ldm.c (for LDM partition tables) may allow escalation of privileges or disclosure of sensitive information via a corrupted LDM partition table.

tags | advisory, overflow, kernel, vulnerability
systems | linux
advisories | CVE-2011-1010
MD5 | 20531d513e9f9f3ecbb61088ecd1dd76
Page 1 of 1
Back1Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close