The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
USN-30-1 fixed several flaws in the Linux ELF binary loader’s handling
of setuid binaries Unfortunately it was found that these patches were
not sufficient to prevent all possible attacks on 64-bit platforms, so
previous amd64 kernel images were still vulnerable to root privilege
escalation if setuid binaries were run under certain conditions ...
Synopsis
kernel security update
Type/Severity
Security Advisory: Important
Topic
Updated kernel packages that fix several security issues in Red HatEnterprise Linux 3 are now available
Description
The Linux kernel handles the basic functions of the operating systemThis advisory includes f ...
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-0427
A local denial of service vulnerability in do_fork() has been found
CVE-2005-0489
A ...
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-0427
A local denial of service vulnerability in do_fork() has been found
CVE-2005-0489
A ...
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2004-0427
A local denial of service vulnerability in do_fork() has been found
CVE-2005-0489
A ...
source: wwwsecurityfocuscom/bid/11754/info
The Linux kernel is reported prone to multiple local vulnerabilities:
- A handcrafted 'aout' file may be used to trigger a local denial-of-service condition A local attacker may exploit this vulnerability to trigger a system-wide denial of service, potentially resulting in a kernel panic
- ...