Mandriva Linux Security Advisory - A buffer overflow in GNU tar has unspecified attack vectors and impact, resulting in a crashing stack.
d6ca54d22cddc8887b5129f6edc2abd3964ee5f3bd49e9a2c3792ad6fd25eb7bSecunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in jetAudio, which can be exploited by malicious people to compromise a user's system.
61a3ece9c766357554eb0cb8bd23a6c8fd2324a6411469e89e4a78272aec8155Secunia Security Advisory - Gentoo has issued an update for kdm. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
82a98787cf0beb62cfd86ac0e61e8b5bfcc3ef5b0f7f656852d00d52a289853eSecunia Security Advisory - A vulnerability has been reported in SUSE Linux Enterprise Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
838a449278a0c8d3240d9a63d50367cc4a66c92c21b05e796a567e1db7a8797cSecunia Security Advisory - A vulnerability has been reported in dotProject, which can be exploited by malicious users to bypass certain security restrictions.
9e2d9f4dbc3c1a0ffc40d487620d6f87f140b3d4b9abfe0b3df7af59943dbd8bSecunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potential sensitive information, gain escalated privileges, and cause a DoS (Denial of Service) and by malicious people to cause a DoS.
5b546ab298a308b62afd71ba8d2397bf87c3203fb0ec1cc3774ac309347e1abdSecunia Security Advisory - Fedora has issued an update for hplib. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
7932b211139d0117a4597b8cc949603441a449352c19b5d7889e827d2dfff061Secunia Security Advisory - Gentoo has issued an update for xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges or gain escalated privileges.
7b86b3f1e11269e9344df81dd40599929fd2a29b6cd3568176f107f43a025dceMandriva Linux Security Advisory - The compat_sys_mount function in fs/compat.c allowed local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode. The nf_conntrack function in netfilter did not set nfctinfo during reassembly of fragmented packets, which left the default value as IP_CT_ESTABLISHED and could allow remote attackers to bypass certain rulesets using IPv6 fragments. A typo in the Linux kernel caused RTA_MAX to be used as an array size instead of RTN_MAX, which lead to an out of bounds access by certain functions. The IPv6 protocol allowed remote attackers to cause a denial of service via crafted IPv6 type 0 route headers that create network amplification between two routers. The random number feature did not properly seed pools when there was no entropy, or used an incorrect cast when extracting entropy, which could cause the random number generator to provide the same values after reboots on systems without an entropy source. A memory leak in the PPPoE socket implementation allowed local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized. An integer underflow in the cpuset_tasks_read function, when the cpuset filesystem is mounted, allowed local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file. The sctp_new function in netfilter allowed remote attackers to cause a denial of service by causing certain invalid states that triggered a NULL pointer dereference. A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size. The lcd_write function did not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). The Linux kernel allowed local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die which delivered an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer ioctl patch in aacraid did not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges. The IA32 system call emulation functionality, when running on the x86_64 architecture, did not zero extend the eax register after the 32bit entry path to ptrace is used, which could allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
64832840334304a0ea0bb133dcd8a2e85f8bbea606fab02ea59dc6a77f2fed01Mandriva Linux Security Advisory - A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size. The lcd_write function did not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption). The decode_choice function allowed remote attackers to cause a denial of service (crash) via an encoded out-of-range index value for a choice field which triggered a NULL pointer dereference. The Linux kernel allowed local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die which delivered an attacker-controlled parent process death signal (PR_SET_PDEATHSIG). The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer ioctl patch in aacraid did not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges. The IA32 system call emulation functionality, when running on the x86_64 architecture, did not zero extend the eax register after the 32bit entry path to ptrace is used, which could allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
7396d5929f8b6a093c3146935c5a3292400cad621bbfd5eb7745201a2c3287b1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed