mwr infosecurity vulnerabilities and exploits

(subscribe to this query)

Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate malicious users to cause a denial of service (crash) and possibly ex...

Muscle Pcsc-lite 1.5.3

Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel prior to 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.

Linux Linux Kernel 2.6.39 Linux Linux Kernel 2.6.39.1 Linux Linux Kernel Linux Linux Kernel 2.6.39.2

The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel prior to 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory.

Linux Linux Kernel 2.6.39 Linux Linux Kernel 2.6.39.1 Linux Linux Kernel Linux Linux Kernel 2.6.39.2

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel prior to 2.6.27 allows physically proximate malicious users to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.

Linux Linux Kernel Redhat Enterprise Linux 4.0

1 EDB exploit

Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel prior to 2.6.38-rc4-next-20110215 might allow malicious users to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) th...

Linux Linux Kernel 2.6.38 Linux Linux Kernel Canonical Ubuntu Linux 8.04

The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel prior to 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink mess...

Linux Linux Kernel Redhat Enterprise Linux Server 5.0 Redhat Enterprise Linux Workstation 5.0 Redhat Enterprise Linux Desktop 5.0 Redhat Enterprise Linux Eus 5.6 Redhat Enterprise Linux Aus 5.6

The qdisc_notify function in net/sched/sch_api.c in the Linux kernel prior to 2.6.35 does not prevent tc_fill_qdisc function calls referencing builtin (aka CQ_F_BUILTIN) Qdisc structures, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or...

Linux Linux Kernel Redhat Enterprise Linux 4.0

The Network Lock Manager (NLM) protocol implementation in the NFS client functionality in the Linux kernel prior to 3.0 allows local users to cause a denial of service (system hang) via a LOCK_UN flock system call.

Linux Linux Kernel Redhat Enterprise Linux Server 5.0 Redhat Enterprise Linux Workstation 5.0 Redhat Enterprise Linux Desktop 5.0

Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel prior to 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.

Linux Linux Kernel 2.6.38 Linux Linux Kernel 2.6.38.3 Linux Linux Kernel Linux Linux Kernel 2.6.38.6 Linux Linux Kernel 2.6.38.1 Linux Linux Kernel 2.6.38.5 Linux Linux Kernel 2.6.38.2 Linux Linux Kernel 2.6.38.4 Linux Linux Kernel 2.6.38.7

fs/proc/base.c in the Linux kernel prior to 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.

Linux Linux Kernel 2.6.39 Linux Linux Kernel 2.6.39.1 Linux Linux Kernel Linux Linux Kernel 2.6.39.2

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook