Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel multiple security vulnerabilities
updated since 11.02.2008
Published:12.02.2008
Source:
SecurityVulns ID:8659
Type:local
Threat Level:
7/10
Description:Kernel memory access with vmsplice syscall, access between virtual machines with /proc
Affected:LINUX : kernel 2.6
CVE:CVE-2008-0600 (The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vulnerability than CVE-2008-0009 and CVE-2008-0010.)
 CVE-2008-0163
 CVE-2008-0010
Original documentdocumentWojciech Purczynski, CSA-L03: Linux kernel vmsplice unchecked user-pointer dereference (12.02.2008)
 documentDEBIAN, [Full-disclosure] [SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation (11.02.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod