what you don't know can hurt you
Showing 1 - 4 of 4 RSS Feed

CVE-2011-4097

Status Candidate

Overview

Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.

Related Files

Ubuntu Security Notice USN-1386-1
Posted Mar 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1386-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-2498, CVE-2011-2518, CVE-2011-3353, CVE-2011-4097, CVE-2011-4622, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207, CVE-2011-2498, CVE-2011-2518, CVE-2011-3353, CVE-2011-4097, CVE-2011-4622, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207
MD5 | 0f5c9c2b1f8cdf33cb82a747daa13630
Ubuntu Security Notice USN-1384-1
Posted Mar 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1384-1 - A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4097, CVE-2011-4127, CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207, CVE-2011-4097, CVE-2011-4127, CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207
MD5 | 601dd54cccb27b3b2ac90280b970ac9f
Ubuntu Security Notice USN-1380-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1380-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207, CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207
MD5 | cbf670852c7d33349683932e7de814a5
Red Hat Security Advisory 2012-0333-01
Posted Feb 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0333-01 - Updates have been made to the Linux kernel. SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to the underlying block device, allowing a privileged user to bypass restrictions and gain read and write access to the entire block device. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use a flaw in the Performance Events implementation to cause a denial of service. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-2918, CVE-2011-4077, CVE-2011-4097, CVE-2011-4110, CVE-2011-4127, CVE-2011-4131, CVE-2011-4132, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207, CVE-2012-0810
MD5 | acd5156e0653e244a607e8d5390d6517
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close