Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel multiple security vulnerabilities
updated since 04.02.2010
Published:04.02.2010
Source:
SecurityVulns ID:10581
Type:remote
Threat Level:
5/10
Description:Buffer overflow on ISDN HDLC packet, gdth driver IOCTL privilege escalation, devtmpfs weak permissions.
CVE:CVE-2010-0299 (openSUSE 11.2 installs the devtmpfs root directory with insecure permissions (1777), which allows local users to gain privileges via unspecified vectors.)
 CVE-2009-4005 (The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.)
 CVE-2009-3080 (Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.)
Original documentdocumentMANDRIVA, [ MDVSA-2010:030 ] kernel (04.02.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod