exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

CVE-2011-4077

Status Candidate

Overview

Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.

Related Files

HP Security Bulletin HPSBGN02970
Posted Mar 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02970 - Potential vulnerabilities have been identified with HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment. The vulnerabilities could be exploited remotely affecting confidentiality, integrity and availability. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-2182, CVE-2011-2213, CVE-2011-2492, CVE-2011-2518, CVE-2011-2689, CVE-2011-2723, CVE-2011-3188, CVE-2011-4077, CVE-2011-4110, CVE-2012-0058, CVE-2012-0879, CVE-2012-1088, CVE-2012-1179, CVE-2012-2137, CVE-2012-2313, CVE-2012-2372, CVE-2012-2373, CVE-2012-2375, CVE-2012-2383, CVE-2012-2384, CVE-2013-6205, CVE-2013-6206
SHA-256 | e25777250b7eb57ebcfad065c189fe97acfb1a87cb7e94b581d8e42eebdd57b0
Red Hat Security Advisory 2012-0350-01
Posted Mar 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0350-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4347, CVE-2011-4594, CVE-2011-4611, CVE-2011-4622, CVE-2012-0038, CVE-2012-0045, CVE-2012-0207
SHA-256 | d8a60be00abc472adc04c925566012a45e0ea8c2dd26a7a38e5dd76f2aabd4c9
Red Hat Security Advisory 2012-0333-01
Posted Feb 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0333-01 - Updates have been made to the Linux kernel. SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to the underlying block device, allowing a privileged user to bypass restrictions and gain read and write access to the entire block device. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use a flaw in the Performance Events implementation to cause a denial of service. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-2918, CVE-2011-4077, CVE-2011-4097, CVE-2011-4110, CVE-2011-4127, CVE-2011-4131, CVE-2011-4132, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207, CVE-2012-0810
SHA-256 | ab385ec0a710376d5bd1648fee2d56710fe8b5e7cf9b6e8931a4f3a897ec925a
Ubuntu Security Notice USN-1340-1
Posted Jan 24, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1340-1 - Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-2203, CVE-2011-4077, CVE-2011-4110, CVE-2011-4132, CVE-2011-4330, CVE-2012-0044
SHA-256 | 53b7beba816a72a2e2ea1ad4ce906bde15a2f14e658ba30e18a94a7b9bc365dc
Debian Security Advisory 2389-1
Posted Jan 16, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2389-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2011-2183, CVE-2011-2213, CVE-2011-2898, CVE-2011-3353, CVE-2011-4077, CVE-2011-4110, CVE-2011-4127, CVE-2011-4611, CVE-2011-4622, CVE-2011-4914
SHA-256 | 7142ab8184386cceaaac3987adf991bb72599c5c19d55e4d3b1a62587cb21313
Ubuntu Security Notice USN-1330-1
Posted Jan 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1330-1 - Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-2203, CVE-2011-4077, CVE-2011-4110, CVE-2011-4132, CVE-2011-4330
SHA-256 | efc6b91a2d8028967deb8b38402456f7c79e0da90f8e51508f10f6dcaa485d28
Ubuntu Security Notice USN-1330-1
Posted Jan 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1330-1 - Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-2203, CVE-2011-4077, CVE-2011-4110, CVE-2011-4132, CVE-2011-4330
SHA-256 | efc6b91a2d8028967deb8b38402456f7c79e0da90f8e51508f10f6dcaa485d28
Red Hat Security Advisory 2012-0007-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0007-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-1020, CVE-2011-3637, CVE-2011-4077, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2011-4330, CVE-2011-4348
SHA-256 | 14cc28a3df69b8e6b2fc6473a6b5dacebe7c4ddbba6984ec740c93d61e9322db
Ubuntu Security Notice USN-1312-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1312-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4330
SHA-256 | 3aeab52346bf4f6a1ad62c8d618495f6f4e27104c5519860741dab5b42e4dde7
Ubuntu Security Notice USN-1311-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1311-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | 079875549c90e40e46e8b48124d73c56179b8faa866f9696ddfa6d615846973d
Ubuntu Security Notice USN-1304-1
Posted Dec 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1304-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Scot Doyle discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4087, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | 6d2a20967eadf3aba427c6e36f59f62b119e6c705633091d9326357f7fb00aec
Ubuntu Security Notice USN-1303-1
Posted Dec 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1303-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | 12c1953500d71f26c59ebcdc9a73ed35de3b2b65402d19d430823d934b100a8e
Ubuntu Security Notice USN-1302-1
Posted Dec 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1302-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | c12d1ac14c6a1deacb430f530bad9934b8dd23b2ac72d692da1422fe585dfd31
Ubuntu Security Notice USN-1299-1
Posted Dec 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1299-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | dd49738f3b31a161fdf267ef2d52086ca3d699a28a01af294cf1352dcb5d5daa
Ubuntu Security Notice USN-1301-1
Posted Dec 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1301-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4330
SHA-256 | df053b32fc395fc3b94d1f22ffaff0def1d3243827b64674a61ed5aae30b4d53
Ubuntu Security Notice USN-1300-1
Posted Dec 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1300-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Clement Lecigne discovered a bug in the HFS file system bounds checking. When a malformed HFS file system is mounted a local user could crash the system or gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4132, CVE-2011-4330
SHA-256 | 1fc7f990b9172fbe0e94f350e2a02fb9c5aeb94ca6f4c4f5af3fb373b94fee5a
Ubuntu Security Notice USN-1293-1
Posted Dec 8, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1293-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | 7fc196aedda92fd82f8306f34f53fdcc76d7e2380188eab9863908f25206edd3
Ubuntu Security Notice USN-1292-1
Posted Dec 8, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1292-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | e56bd530ab01e0d28606cc55207499939d90e747e47252a8abe8e9591ba531f5
Ubuntu Security Notice USN-1291-1
Posted Dec 8, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1291-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Clement Lecigne discovered a bug in the HFS file system bounds checking. When a malformed HFS file system is mounted a local user could crash the system or gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4132, CVE-2011-4330
SHA-256 | 2898c81e08aa59f58b87d94dae03200e92b3371465b43e371d4113f24da945fd
Ubuntu Security Notice USN-1286-1
Posted Dec 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1286-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-2491, CVE-2011-2496, CVE-2011-2517, CVE-2011-2525, CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | 6043a3fbf2080a512662c349ee447bed0a78df45f28b48e5909b135726bd239e
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close