Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel multiple security vulnerabilities
Published:04.06.2008
Source:
SecurityVulns ID:9048
Type:local
Threat Level:
5/10
Description:fcntl() race conditions, tehuti driver privilege escalation.
Affected:LINUX : kernel 2.6
CVE:CVE-2008-1675 (The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.)
 CVE-2008-1669 (Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table.")
 CVE-2008-1375 (Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.)
Original documentdocumentUBUNTU, [USN-614-1] Linux kernel vulnerabilities (04.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod