Computer Security
[EN] securityvulns.ru no-pyccku


Linux kernel DoS
Published:11.05.2010
Source:
SecurityVulns ID:10819
Type:local
Threat Level:
5/10
Description:DoS conditions in nfs_wait_on_request, and sg_build_indirect functions.
CVE:CVE-2010-1087 (The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.)
 CVE-2009-3288 (The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device.)
Original documentdocumentRPATH, rPSA-2010-0037-1 kernel (11.05.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod