Ubuntu Security Notice 1280-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service.
1087da56241ea4fe0d64ef0b3568b3dd1b39a2ceafc2bfa2a57b8d6eda903151Ubuntu Security Notice 1278-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
8fc659e1e77c5000547f9f535c1921bdcb9f9740bffb44f47b411d8891107fd1Ubuntu Security Notice 1271-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. It was discovered that the GRE protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ip_gre module was loading, and crash the system, leading to a denial of service. Various other issues were also addressed.
780e7898e3ae112f38373badd4790c4b6d45b0de5dde9d12f1bfd6ee1d6bbe8aUbuntu Security Notice 1272-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
743cb378b3852f5f0342fd308ffb4497b15ec55b0738d504936a9d732df2d9d0Ubuntu Security Notice 1256-1 - It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Vasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Various other issues were also addressed.
065ea3de04cbda6ba2f070db62f0f0ff03f73b678f1a9b1d73799d5e8bba15abRed Hat Security Advisory 2011-1386-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The maximum file offset handling for ext4 file systems could allow a local, unprivileged user to cause a denial of service. IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. Various other issues in the kernel have also been addressed.
a292c5086756cbebf4c05054f127313991d1329a2c63d6296b2aa08d6948fc72Red Hat Security Advisory 2011-1253-01 - Updated kernel-rt packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise MRG 2.0. The Red Hat Security Response Team has rated this update as having important security impact.
5d74eae8a478f1639bcefe4abf0a381df1d68b77824da152d114e20cc673b84aDebian Linux Security Advisory 2240-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
e80a5985f8ab30d0e1b27069f1a8ac244b9edc0a3bb35aa75124e26c94b75e19
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed