Смотрите также связанные темы 14.08.2018 CVE-2008-3686 The rt6_fill_node function in Linux kernel 2.6.26-rc4, 2.6.26.2, and possibly other 2.6.26 versions, allows local users to cause a denial of service (kernel OOPS) via IPv6 requests when no IPv6 input device is in use, which triggers a NULL pointer dereference.
03.09.2018 CVE-2008-3901 Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer.
11.09.2018 [ MDVSA-2008:190 ] postfix A vulnerability in Postfix 2.4 and later was discovered, when
running on Linux kernel 2.6, where a local user could cause a denial
of service due to Postfix leaking the epoll file descriptor when
executing non-Postfix commands (CVE-2008-3889).
12.09.2018 CVE-2008-3889 Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application slowdown or exit) via a crafted command, as demonstrated by a command in a .forward file.
26.01.2018 CVE-2009-0269 fs/ecryptfs/inode.c in the eCryptfs subsystem in the Linux kernel before 2.6.28.1 allows local users to cause a denial of service (fault or memory corruption), or possibly have unspecified other impact, via a readlink call that results in an error, leading to use of a -1 return value as an array index.
16.01.2018 2009-01-15 - [slackware-security] bind 10.2/11.0 recompile (SSA:2009-015-01) -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1[slackware-security] bind 10.2/11.0 recompile (SSA:2009-015-01)Updated bind packages are available for Slackware 10.2 and 11.0 to address aload problem. It was reported that the initial build of these updatescomplained that the Linux capability module was not present and would refuseto load. It was determined that the packages which were compiled on 10.2and 11.0 systems running 2.6 kernels, and although the installed kernelheaders are from 2.4.x, it picked up on this resulting in packages thatwould only run un...
20.01.2018 [RHSA-2009:0225-02] Important: Red Hat Enterprise Linux 5.3 kernel security and bug fix update Red Hat Security Advisory - Important: Red Hat Enterprise Linux 5.3 kernel security and bug fix update
10.02.2018 CVE-2008-6107 The (1) sys32_mremap function in arch/sparc64/kernel/sys_sparc32.c, the (2) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c, and the (3) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel before 2.6.25.4, omit some virtual-address range (aka span) checks when the mremap MREMAP_FIXED bit is not set, which allows local users to cause a denial of service (panic) via unspecified mremap calls, a related issue to CVE-2008-2137.
22.02.2018 CVE-2009-0676 The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.
09.03.2018 CVE-2009-0859 The shm_get_stat function in ipc/shm.c in the shm subsystem in the Linux kernel before 2.6.28.5, when CONFIG_SHMEM is disabled, misinterprets the data type of an inode, which allows local users to cause a denial of service (system hang) via an SHM_INFO shmctl call, as demonstrated by running the ipcs program.
|