Computer Security
[EN] no-pyccku

Linux kernel multiple security vulnerabilities
updated since 11.02.2008
SecurityVulns ID:8659
Threat Level:
Description:Kernel memory access with vmsplice syscall, access between virtual machines with /proc
Affected:LINUX : kernel 2.6
CVE:CVE-2008-0600 (The vmsplice_to_pipe function in Linux kernel 2.6.17 through does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.)
Original documentdocumentWojciech Purczynski, CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference (12.02.2008)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation (11.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod