VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.
e35a8f609b986bb8b2fc490b895224847eba088cf1f87974f9bc5820e0c3c589Ubuntu Security Notice 1183-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Neil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
41132c553abe1fdfc234d54df5758ce32b544f07f7485844769ad28b9d50cd4bUbuntu Security Notice 1170-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. It was discovered that Xen did not correctly handle certain block requests. A local attacker in a Xen guest could cause the Xen host to use all available CPU resources, leading to a denial of service. Various other issues were also addressed.
1723caad95829c697af2c75e3b2eaa05c86499fc1d4c521bf8bf41368013a4c8Ubuntu Security Notice 1168-1 - Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. Neil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
9e8b2714fc824099faae4514943113a649653ec0b7b956ff20ec815f77363076Ubuntu Security Notice 1161-1 - Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. Various other issues were also addressed.
7fa90836e44442172cf8b1b95f7fecc0dda61b8fd76a598bf22b7b31c19adb0bUbuntu Security Notice 1159-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also addressed.
b846a972a635d2f4929093c13ed01b597ac9a45ad66ad9a96e3d4bd83abe9d31Ubuntu Security Notice 1162-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also addressed.
5f9dbdee4c9cb66849ecb0fc61bcdea533d2e1379acc2d9161a3c99809f90f7eRed Hat Security Advisory 2011-0883-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update includes backported fixes for security issues. These issues, except for CVE-2011-1182, only affected users of Red Hat Enterprise Linux 6.0 Extended Update Support as they have already been addressed for users of Red Hat Enterprise Linux 6 in the 6.1 update, RHSA-2011:0542. Security fixes: Buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.
32c69eb58d8c9cfe079f467c02ccea31eabfd23e1dfefd7f8f1a39af947e1df7Debian Linux Security Advisory 2264-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
4651fa67004a9e7d7332ee7abc2daad2af631e68a48c132d8217d95854217ba6Red Hat Security Advisory 2011-0833-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw in the dccp_rcv_state_process() function could allow a remote attacker to cause a denial of service, even when the socket was already closed. Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.
6c8017bb07a6916f0d7d7287b1de37c93f29942577ec63e233b807942ce1a0c5Debian Linux Security Advisory 2240-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
e80a5985f8ab30d0e1b27069f1a8ac244b9edc0a3bb35aa75124e26c94b75e19PRE-CERT Security Advisory - The Linux kernel contains a vulnerability that may lead to information leakage due to corrupted partition tables. The kernel automatically evaluates partition tables of storage devices. This happens independently of whether any auto-mounting is enabled or not. The code for evaluating OSF partition tables contains a buffer overflow bug that allows to leak data from the kernel heap to userspace.
840a78e369ff5c0e92b3309786394686661b6bce2c03f29b8b88ff04b1d3ea53
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed