what you don't know can hurt you
Showing 1 - 11 of 11 RSS Feed

CVE-2012-5517

Status Candidate

Overview

The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator.

Related Files

Mandriva Linux Security Advisory 2013-194
Posted Jul 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-194 - Multiple vulnerabilities has been found and corrected in the Linux kernel. net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. Various other issues have also been addressed. The updated packages provides a solution for these security issues.

tags | advisory, remote, denial of service, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2012-5517, CVE-2013-0231, CVE-2013-1059, CVE-2013-1774, CVE-2013-2147, CVE-2013-2148, CVE-2013-2164, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2850, CVE-2013-2851, CVE-2013-2852, CVE-2013-3301
MD5 | 25d525391a2ce9a5792be99f27172d9f
Ubuntu Security Notice USN-1704-2
Posted Feb 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1704-2 - USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4565, CVE-2012-5517, CVE-2012-5532
MD5 | ec938d9f9edb9255dc8518932ade6a5a
Ubuntu Security Notice USN-1704-1
Posted Jan 23, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1704-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4565, CVE-2012-5517, CVE-2012-5532, CVE-2012-0957, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4565, CVE-2012-5517, CVE-2012-5532
MD5 | ad1dbf8308a60ea5598f6aae1851f7cd
Ubuntu Security Notice USN-1678-1
Posted Dec 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1678-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 677d656cefdec29396fa13626a1aca85
Ubuntu Security Notice USN-1677-1
Posted Dec 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1677-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 3663242020dc16019ed748ca0e864f9d
Ubuntu Security Notice USN-1679-1
Posted Dec 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1679-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 8cc7829df3e4556b048e411bec896b6a
Ubuntu Security Notice USN-1673-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1673-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 7a7174d8d3fe4dbe010abd7aabd156bb
Ubuntu Security Notice USN-1671-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1671-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | d6f6a8969b3a7011b0fa0ab5b30f620c
Ubuntu Security Notice USN-1670-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1670-1 - A flaw was discovered in the Linux kernel's handling of new hot plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 71a9b69f08405a6dc16be4901fd3a634
Red Hat Security Advisory 2012-1580-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1580-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RHSA-2012:0862 update did not correctly fix the CVE-2011-4131 issue. A malicious Network File System version 4 server could return a crafted reply to a GETACL request, causing a denial of service on the client. A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use, a local, unprivileged user could trigger this flaw and cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, redhat
advisories | CVE-2012-2100, CVE-2012-2375, CVE-2012-4444, CVE-2012-4565, CVE-2012-5517
MD5 | 1e660288ebddb211c27cc4445a21aa3a
Ubuntu Security Notice USN-1669-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1669-1 - A flaw was discovered in the Linux kernel's handling of new hot plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 98921997ea38912369924d177241e7f8
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    9 Files
  • 23
    Aug 23rd
    3 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close