|
|
Subscribe / Log in / New account

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2011-0726 CVE-2011-1019 CVE-2011-1080
Created:May 11, 2011 Updated:August 19, 2011
Description:

From the Red Hat advisory:

* The start_code and end_code values in "/proc/[pid]/stat" were not protected. In certain scenarios, this flaw could be used to defeat Address Space Layout Randomization (ASLR). (CVE-2011-0726, Low)

* A flaw in dev_load() could allow a local user who has the CAP_NET_ADMIN capability to load arbitrary modules from "/lib/modules/", instead of only netdev modules. (CVE-2011-1019, Low)

* A missing validation of a null-terminated string data structure element in do_replace() could allow a local user who has the CAP_NET_ADMIN capability to cause an information leak. (CVE-2011-1080, Low)

Alerts:
Oracle ELSA-2013-1645 kernel 2013-11-26
openSUSE openSUSE-SU-2012:0236-1 kernel 2012-02-09
Ubuntu USN-1256-1 linux-lts-backport-natty 2011-11-09
SUSE SUSE-SU-2011:1058-1 kernel 2011-09-21
Ubuntu USN-1212-1 linux-ti-omap4 2011-09-21
SUSE SUSE-SA:2011:040 kernel 2011-09-20
Ubuntu USN-1204-1 linux-fsl-imx51 2011-09-13
Ubuntu USN-1202-1 linux-ti-omap4 2011-09-13
Ubuntu USN-1189-1 kernel 2011-08-19
SUSE SUSE-SU-2011:0899-1 kernel 2011-08-12
SUSE SUSE-SA:2011:034 kernel 2011-08-12
Ubuntu USN-1187-1 kernel 2011-08-09
SUSE SUSE-SU-2011:0832-1 kernel 2011-07-25
SUSE SUSE-SA:2011:031 kernel 2011-07-25
Ubuntu USN-1170-1 linux 2011-07-15
Ubuntu USN-1167-1 linux 2011-07-13
Ubuntu USN-1159-1 linux-mvl-dove 2011-07-13
Ubuntu USN-1162-1 linux-mvl-dove 2011-06-29
Ubuntu USN-1160-1 kernel 2011-06-28
Debian DSA-2264-1 linux-2.6 2011-06-18
CentOS CESA-2011:0833 kernel 2011-05-31
Ubuntu USN-1141-1 linux, linux-ec2 2011-05-31
Red Hat RHSA-2011:0833-01 kernel 2011-05-31
Debian DSA-2240-1 linux-2.6 2011-05-24
Red Hat RHSA-2011:0500-01 kernel-rt 2011-05-10
Red Hat RHSA-2011:0498-01 kernel 2011-05-10

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds