exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2011-1082

Status Candidate

Overview

fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.

Related Files

Ubuntu Security Notice USN-1204-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1204-1 - Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3859, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4251, CVE-2010-4526, CVE-2010-4649, CVE-2010-4668, CVE-2010-4805, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1020, CVE-2011-1044, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1082, CVE-2011-1090, CVE-2011-1093
SHA-256 | d65a3d265010dcc757cc58fad050e2727d47806e2609d736043b0ff3e79a9e82
Ubuntu Security Notice USN-1160-1
Posted Jun 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1160-1 - Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc filesystem. A local attacker could use this to increase the chances of a successful memory corruption exploit. Kees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. Various other issues were also addressed.

tags | advisory, x86, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4529, CVE-2010-4565, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0711, CVE-2011-0712, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1016, CVE-2011-1017, CVE-2011-1019, CVE-2011-1082, CVE-2011-1083, CVE-2011-1169, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495, CVE-2011-1593, CVE-2011-1745, CVE-2011-1748, CVE-2011-2022
SHA-256 | 934e3131ff453ae37627f4f3e4e27245ba82027abdbac477246bd7efd898fe63
Red Hat Security Advisory 2011-0883-01
Posted Jun 22, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0883-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update includes backported fixes for security issues. These issues, except for CVE-2011-1182, only affected users of Red Hat Enterprise Linux 6.0 Extended Update Support as they have already been addressed for users of Red Hat Enterprise Linux 6 in the 6.1 update, RHSA-2011:0542. Security fixes: Buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2010-3881, CVE-2010-4251, CVE-2010-4805, CVE-2011-0999, CVE-2011-1010, CVE-2011-1082, CVE-2011-1090, CVE-2011-1163, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1182, CVE-2011-1494, CVE-2011-1495
SHA-256 | 32c69eb58d8c9cfe079f467c02ccea31eabfd23e1dfefd7f8f1a39af947e1df7
Ubuntu Security Notice USN-1141-1
Posted Jun 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1141-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also discovered.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4243, CVE-2010-4263, CVE-2010-4342, CVE-2010-4529, CVE-2010-4565, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0712, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1016, CVE-2011-1019, CVE-2011-1082, CVE-2011-1083, CVE-2011-1182
SHA-256 | 57d390bf303463d6c20dbdd18a9985526c1055c3466d6eb556248e59af380d06
Page 1 of 1
Back1Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    27 Files
  • 29
    Feb 29th
    8 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close