Computer Security
[EN] no-pyccku

Linux kernel multiple security vulnerabilities
SecurityVulns ID:12243
Threat Level:
Description:LDM and NFSv4 file systems DoS, futexes privilege escalation.
Affected:LINUX : kernel 2.6
CVE:CVE-2012-0028 (The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.)
 CVE-2011-4324 (The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.)
 CVE-2011-2182 (The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017.)
Original documentdocumentUBUNTU, [USN-1390-1] Linux kernel vulnerabilities (10.03.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod