Информационная безопасность
[RU] switch to English


Уязвимости безопасности в ядре Linux
Опубликовано:18 сентября 2012 г.
Источник:
SecurityVulns ID:12587
Тип:удаленная
Уровень опасности:
6/10
Описание:DoS условия, утечка информации.
Затронутые продукты:LINUX : kernel 2.6
 LINUX : kernel 3.3
CVE:CVE-2012-3511 (Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2) close system call.)
 CVE-2012-3430 (The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) recvfrom or (2) recvmsg system call on an RDS socket.)
 CVE-2012-3412 (The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value.)
 CVE-2012-2745 (The copy_creds function in kernel/cred.c in the Linux kernel before 3.3.2 provides an invalid replacement session keyring to a child process, which allows local users to cause a denial of service (panic) via a crafted application that uses the fork system call.)
Оригинальный текстdocumentUBUNTU, [USN-1567-1] Linux kernel vulnerabilities (18.09.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород