exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2013-291

Posted Dec 19, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-291 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. Various other issues have also been addressed.

tags | advisory, kernel, local, vulnerability

systems | linux, mandriva

advisories | CVE-2013-2929, CVE-2013-2930, CVE-2013-4511, CVE-2013-4512, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380, CVE-2013-6381, CVE-2013-6383, CVE-2013-6763

SHA-256 | e4a9556722b4bee5720cc309bc992b81c4ac568a9f675f7f404694d9b54048e1

Download | Favorite | View

Related Files

No related files