exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2012-0207

Status Candidate

Overview

The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.

Related Files

Red Hat Security Advisory 2012-0422-01
Posted Mar 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0422-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way the Linux kernel's KVM hypervisor implementation emulated the syscall instruction for 32-bit guests. An unprivileged guest user could trigger this flaw to crash the guest.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2012-0045, CVE-2012-0207
SHA-256 | e7c086b0a89043ce5cf76161bb765ad57ed42473aa9dd693872c06322bb113dc
Red Hat Security Advisory 2012-0350-01
Posted Mar 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0350-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4347, CVE-2011-4594, CVE-2011-4611, CVE-2011-4622, CVE-2012-0038, CVE-2012-0045, CVE-2012-0207
SHA-256 | d8a60be00abc472adc04c925566012a45e0ea8c2dd26a7a38e5dd76f2aabd4c9
Ubuntu Security Notice USN-1386-1
Posted Mar 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1386-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-2498, CVE-2011-2518, CVE-2011-3353, CVE-2011-4097, CVE-2011-4622, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207, CVE-2011-2498, CVE-2011-2518, CVE-2011-3353, CVE-2011-4097, CVE-2011-4622, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207
SHA-256 | 592f0d80f08ac87ab6ec43ce2f47735b6630fba60fe855ae8f8ec5015e2ae809
Ubuntu Security Notice USN-1384-1
Posted Mar 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1384-1 - A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl command. A local user, or user in a VM could exploit this flaw to bypass restrictions and gain read/write access to all data on the affected block device. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4097, CVE-2011-4127, CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207, CVE-2011-4097, CVE-2011-4127, CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207
SHA-256 | ba35da89b5eae8117d31f718c99da404c1ff80d437df5bc034c13a24bb0b4c94
Ubuntu Security Notice USN-1380-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1380-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207, CVE-2011-2498, CVE-2011-2518, CVE-2011-4097, CVE-2012-0207
SHA-256 | 75b2e946d5ac4bde2cd9ccb2f923e5ac56c71eccf01382aa1830ca8d92bf01c6
Red Hat Security Advisory 2012-0333-01
Posted Feb 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0333-01 - Updates have been made to the Linux kernel. SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to the underlying block device, allowing a privileged user to bypass restrictions and gain read and write access to the entire block device. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use a flaw in the Performance Events implementation to cause a denial of service. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-2918, CVE-2011-4077, CVE-2011-4097, CVE-2011-4110, CVE-2011-4127, CVE-2011-4131, CVE-2011-4132, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207, CVE-2012-0810
SHA-256 | ab385ec0a710376d5bd1648fee2d56710fe8b5e7cf9b6e8931a4f3a897ec925a
Red Hat Security Advisory 2012-0168-01
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0168-01 - The rhev-hypervisor5 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2011-4109, CVE-2011-4576, CVE-2011-4619, CVE-2012-0029, CVE-2012-0207
SHA-256 | bb1c7d2fa41c5e43267b70421481368a0747bc20aa8aecdd962ffe916076e965
Ubuntu Security Notice USN-1364-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1364-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207, CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207
SHA-256 | e847291e2956e9eeb864470a8ac967e656c915178d520472524b2f9834c84e45
Ubuntu Security Notice USN-1363-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1363-1 - A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to by-pass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207, CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207
SHA-256 | 00db81ad81883140a2fb9f8a3cf95426da7934bf25c0269359abe6ac6c16194c
Red Hat Security Advisory 2012-0107-01
Posted Feb 10, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0107-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access to the entire block device. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the References, for further details about this issue.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-3638, CVE-2011-4086, CVE-2011-4127, CVE-2012-0028, CVE-2012-0207
SHA-256 | 0f06f08a25a1cc6f395b307753e4762964477f1ec0e20c7adb0a86df4fce7422
Ubuntu Security Notice USN-1356-1
Posted Feb 7, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1356-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potential execute arbitrary code on the system. Chen Haogang discovered an integer overflow that could result in memory corruption. A local unprivileged user could use this to crash the system. A flaw was found in the linux kernels IPv4 IGMP query processing. A remote attacker could exploit this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-0038, CVE-2012-0044, CVE-2012-0207, CVE-2012-0038, CVE-2012-0044, CVE-2012-0207
SHA-256 | 273765a9dc6a271d3102ed83aa47f5dcfd7f9c56f6f7a215a553292598ed7c31
Linux IGMP Remote Denial Of Service
Posted Jan 18, 2012
Authored by Kingcope, Ben Hutchings, Firestorm

Remote Linux IGMP denial of service exploit for a vulnerability introduced in kernel 2.6.36.

tags | exploit, remote, denial of service, kernel
systems | linux
advisories | CVE-2012-0207
SHA-256 | 3f774420cceb820eadca2d64adb8e8aef38d2ecaaf08171ea9586e48b2e73616
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close