Информационная безопасность
[RU] switch to English


DoS против ядра Linux
Опубликовано:11 мая 2010 г.
Источник:
SecurityVulns ID:10819
Тип:локальная
Уровень опасности:
5/10
Описание:Отказ в функциях nfs_wait_on_request, sg_build_indirect.
CVE:CVE-2010-1087 (The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.)
 CVE-2009-3288 (The sg_build_indirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service (kernel OOPS and NULL pointer dereference), as demonstrated by using xcdroast to duplicate a CD. NOTE: this is only exploitable by users who can open the cdrom device.)
Оригинальный текстdocumentRPATH, rPSA-2010-0037-1 kernel (11.05.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород