Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в ядре Linux (multiple bugs)
Опубликовано:4 октября 2007 г.
Источник:
SecurityVulns ID:8210
Тип:локальная
Уровень опасности:
6/10
Описание:Многочисленные условия отказа в обслуживании.
Затронутые продукты:LINUX : kernel 2.6
CVE:CVE-2007-5093 (The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device.)
 CVE-2007-4133
 CVE-2006-5755 (Linux kernel before 2.6.18, when running on x86_64 systems, does not properly save or restore EFLAGS during a context switch, which allows local users to cause a denial of service (crash) by causing SYSENTER to set an NT flag, which can trigger a crash on the IRET of the next task.)
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 1381-1] New Linux 2.6.18 packages fix several vulnerabilities (04.10.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород