
Kernel vulnerabilities: old or new?

Posted Oct 20, 2010 0:56 UTC (Wed) by BenHutchings (subscriber, #37955)
Parent article: Kernel vulnerabilities: old or new?

Some more for you, all fixed post-2.6.32:

drm/i915: Sanity check pread/pwrite (CVE-2010-2962)
sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (CVE-2010-3705)
RDS sockets: remove unsafe kmap_atomic optimization (CVE-2010-3904)
v4l: disable dangerous buggy compat function (CVE-2010-2963)
sctp: Do not reset the packet during sctp_packet_config() (CVE-2010-3432)
x86-64, compat: Retruncate rax after ia32 syscall entry tracing; Test %rax for the syscall number, not %eax (CVE-2010-3301)
irda: Correctly clean up self->ias_obj on irda_bind() failure. (CVE-2010-2954)
GFS2: Fix up system xattrs (CVE-2010-2525)
tipc: Fix oops on send prior to entering networked mode (CVE-2010-1187)
KGDB: don't needlessly skip PAGE_USER test for Fsl booke (CVE-2010-1446)
futex: Handle futex value corruption gracefully. (CVE-2010-0623)
KVM: PIT: control word is write-only (CVE-2010-0309)
KVM: Add IOPL/CPL checks to emulator, to prevent privilege escalation within a guest. (CVE-2010-0298, CVE-2010-0306)
untangle the do_mremap() mess (CVE-2010-0291)
kernel/signal.c: fix kernel information leak with print-fatal-signals=1 (CVE-2010-0003)
netfilter: ebtables: enforce CAP_NET_ADMIN (CVE-2010-0007)
ipv6: skb_dst() can be NULL in ipv6_hop_jumbo(). (CVE-2010-0006)


Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds