|
Linux kernel multiple security vulnerabilities
updated since 19.07.2007 | | Published: |  | 19.07.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7954 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | DoS with cluster manager, DoS with usblcd driver, DoS with VFAT IOCTL. |
| Affected: |  | LINUX : kernel 2.6 | | CVE: |  | CVE-2007-3513 (The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption).) | | | | CVE-2007-3380 (The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote attackers to cause a denial of service (loss of lock services) by connecting to the DLM port, which probably prevents other processes from accessing the service.) | | | | CVE-2007-2878 (The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.) | | | | CVE-2007-2876 (The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid states that trigger a NULL pointer dereference.) | | | | CVE-2007-2875 (Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file.) | | | | CVE-2007-2525 (Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.) |
|
|
|
|
|
