Showing 1 - 9 of 9

CVE-2011-1078

Status Candidate

Overview

The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.

Related Files

Red Hat Security Advisory 2012-1156-01: Posted Aug 15, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-1156-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the i915_gem_execbuffer2() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. A missing initialization flaw was found in the sco_sock_getsockopt_old() function in the Linux kernel's Bluetooth implementation. A local, unprivileged user could use this flaw to cause an information leak.; tags | advisory, denial of service, overflow, kernel, local; systems | linux, redhat; advisories | CVE-2011-1078, CVE-2012-2383; MD5 | 80c5957b637083b55e9d589f81c8faf3; Download | Favorite | Comments (0)

VMware Security Advisory 2012-0001: Posted Jan 30, 2012; Authored by VMware | Site vmware.com; VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.; tags | advisory; advisories | CVE-2009-3560, CVE-2009-3720, CVE-2010-0547, CVE-2010-0787, CVE-2010-1634, CVE-2010-2059, CVE-2010-2089, CVE-2010-3493, CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1015, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1521, CVE-2011-1573; MD5 | f01c53578bb58b204ee302611e8e3317; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-1256-1: Posted Nov 9, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1256-1 - It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.; tags | advisory, kernel, local, vulnerability; systems | linux, ubuntu; advisories | CVE-2011-1020, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1160, CVE-2011-1180, CVE-2011-1478, CVE-2011-1479, CVE-2011-1493, CVE-2011-1573, CVE-2011-1576, CVE-2011-1577, CVE-2011-1581, CVE-2011-1585, CVE-2011-1767, CVE-2011-1768, CVE-2011-1771, CVE-2011-1776, CVE-2011-1833, CVE-2011-2183, CVE-2011-2213, CVE-2011-2479, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2493, CVE-2011-2494; MD5 | ee2685f0b4d767be1169393f2ba5d7c7; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-1212-1: Posted Sep 21, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1212-1 - Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. Various other issues were also addressed.; tags | advisory, local, root; systems | linux, ubuntu; advisories | CVE-2011-0463, CVE-2011-1017, CVE-2011-1020, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1160, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1180, CVE-2011-1182, CVE-2011-1493, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1581, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1748, CVE-2011-1770, CVE-2011-1771, CVE-2011-1833, CVE-2011-2022, CVE-2011-2484; MD5 | bb1d77163194f3843168c4d7dba75680; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-1204-1: Posted Sep 14, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1204-1 - Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.; tags | advisory, kernel, local, root; systems | linux, ubuntu; advisories | CVE-2010-3859, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4251, CVE-2010-4526, CVE-2010-4649, CVE-2010-4668, CVE-2010-4805, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1020, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1082, CVE-2011-1090, CVE-2011-1093; MD5 | d372af01183a028bf3bd3528a3aab84f; Download | Favorite | Comments (0)

Ubuntu Security Notice USN-1189-1: Posted Aug 20, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1189-1 - It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.; tags | advisory, kernel, local, vulnerability; systems | linux, ubuntu; advisories | CVE-2011-1020, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1160, CVE-2011-1180, CVE-2011-1493, CVE-2011-2492; MD5 | 63adb7c7efa179525da379ee2e712499; Download | Favorite | Comments (0)

Debian Security Advisory 2264-1: Posted Jun 19, 2011; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2264-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, debian; advisories | CVE-2010-2524, CVE-2010-3875, CVE-2010-4075, CVE-2010-4655, CVE-2011-0695, CVE-2011-0710, CVE-2011-0711, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1017, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1090, CVE-2011-1093, CVE-2011-1160, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1180, CVE-2011-1182, CVE-2011-1477, CVE-2011-1493, CVE-2011-1577, CVE-2011-1593; MD5 | e4fc6508acdcc4816d4b46bbbcd75992; Download | Favorite | Comments (0)

Red Hat Security Advisory 2011-0833-01: Posted Jun 1, 2011; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2011-0833-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw in the dccp_rcv_state_process() function could allow a remote attacker to cause a denial of service, even when the socket was already closed. Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.; tags | advisory, remote, denial of service, overflow, kernel, local; systems | linux, redhat; advisories | CVE-2011-0726, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1763; MD5 | bde747ec06cbdfaa6b01930157a97ef5; Download | Favorite | Comments (0)

Debian Security Advisory 2240-1: Posted May 25, 2011; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2240-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, debian; advisories | CVE-2010-3875, CVE-2011-0695, CVE-2011-0711, CVE-2011-0726, CVE-2011-1016, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1090, CVE-2011-1160, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1180, CVE-2011-1182, CVE-2011-1476, CVE-2011-1477, CVE-2011-1478, CVE-2011-1493, CVE-2011-1494, CVE-2011-1495, CVE-2011-1585, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746; MD5 | e998c309600ece9aea4775ee55963b9e; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Red Hat 68 files
Ubuntu 43 files
Debian 28 files
Google Security Research 27 files
Gentoo 23 files
Todor Donev 15 files
Sureshbabu Narvaneni 11 files
mjurczyk 9 files
Apple 7 files
ManhNho 6 files

File Archives

Systems

AIX (409)
Apple (1,539)
BSD (333)
Cisco (1,807)
Debian (5,485)
Fedora (1,679)
FreeBSD (1,193)
Gentoo (3,561)
HPUX (865)
iOS (171)
iPhone (103)
IRIX (219)
Juniper (66)
Linux (33,219)
Mac OS X (652)
Mandriva (3,105)
NetBSD (254)
OpenBSD (455)
RedHat (6,401)
Slackware (814)
Solaris (1,569)
SUSE (1,444)
Ubuntu (5,589)
UNIX (8,259)
UnixWare (172)
Windows (5,320)
Other