exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

CVE-2011-1044

Status Candidate

Overview

The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially sensitive information from kernel memory via vectors that cause this buffer to be only partially filled, a different vulnerability than CVE-2010-4649.

Related Files

EMC VPLEX GeoSynchrony 5.2.1 Traversal / Session Timeout
Posted Mar 27, 2014
Site emc.com

EMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2002-2443, CVE-2011-1044, CVE-2011-3389, CVE-2011-4110, CVE-2012-0814, CVE-2012-2136, CVE-2012-5166, CVE-2013-1667, CVE-2014-0632, CVE-2014-0633, CVE-2014-0634, CVE-2014-0635
MD5 | 4fabf55ed8ae07e61947cc08474da68d
VMware Security Advisory 2012-0001
Posted Jan 30, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.

tags | advisory
advisories | CVE-2009-3560, CVE-2009-3720, CVE-2010-0547, CVE-2010-0787, CVE-2010-1634, CVE-2010-2059, CVE-2010-2089, CVE-2010-3493, CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1015, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1521, CVE-2011-1573
MD5 | f01c53578bb58b204ee302611e8e3317
Ubuntu Security Notice USN-1204-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1204-1 - Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3859, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4251, CVE-2010-4526, CVE-2010-4649, CVE-2010-4668, CVE-2010-4805, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1020, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1082, CVE-2011-1090, CVE-2011-1093
MD5 | d372af01183a028bf3bd3528a3aab84f
Ubuntu Security Notice USN-1186-1
Posted Aug 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1186-1 - Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. Vladymyr Denysov discovered that Xen virtual CD-ROM devices were not handled correctly. A local attacker in a guest could make crafted blkback requests that would crash the host, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4073, CVE-2010-4165, CVE-2010-4238, CVE-2010-4249, CVE-2010-4649, CVE-2011-0711, CVE-2011-1010, CVE-2011-1044, CVE-2011-1090, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-2484, CVE-2011-2534
MD5 | c5e74b8176fba1d422fe47aa4c8e7658
Red Hat Security Advisory 2011-0927-01
Posted Jul 15, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0927-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw in ib_uverbs_poll_cq() could allow a local, unprivileged user to cause a denial of service or escalate their privileges. A race condition in the way new InfiniBand connections were set up could allow a remote user to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182, CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745, CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022, CVE-2011-2213, CVE-2011-2492
MD5 | 17d1901ea722285ee9cac40dbc6ed1fd
Ubuntu Security Notice USN-1080-2
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1080-2 - USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for use with EC2. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4248, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
MD5 | dbe55df1040b90a54d2d7810dd71979a
Ubuntu Security Notice USN-1081-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1081-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. It was discovered that KVM did not correctly initialize certain CPU registers. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3698, CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4079, CVE-2010-4083, CVE-2010-4248, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
MD5 | 1560817ccddd3675a7fb3925c07a4ad1
Ubuntu Security Notice USN-1080-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1080-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4248, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
MD5 | 73381f915c1229455588d263d256fd31
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close