|
|
| |
|
| |
kernel: several vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2010-0410
CVE-2010-0415
|
| Created: | February 12, 2010 |
Updated: | October 8, 2010 |
| Description: |
From the Red Hat bugzilla: Sebastian Krahmer found a problem in the drivers/connector/connector.c code where users could send/allocate arbitrary amounts of NETLINK_CONNECTOR messages to the kernel, causing OOM condition, killing selected processes or halting the system. CVE-2010-0410
From the Red Hat bugzilla: Ramon de C. Valle spotted a problem in sys_move_pages, where "node" value is read from userspace, but not limited to the node set within the kernel itself. Due to the bit tests in mm/migrate.c:do_move_pages it is easy to read out the
kernel memory (as node can also be negative). CVE-2010-0415
|
| Alerts: |
|
( Log in to post comments)
|
|
|