Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в ядре Linux
Опубликовано:10 марта 2012 г.
Источник:
SecurityVulns ID:12243
Тип:удаленная
Уровень опасности:
5/10
Описание:DoS на файловых системах LDM и NFSv4, повышение привилегий через футексы.
Затронутые продукты:LINUX : kernel 2.6
CVE:CVE-2012-0028 (The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.)
 CVE-2011-4324 (The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.)
 CVE-2011-2182 (The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017.)
Оригинальный текстdocumentUBUNTU, [USN-1390-1] Linux kernel vulnerabilities (10.03.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород