VMware Security Advisory 2011-0012 - VMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues.
7fd5e9259774393a258a0c189d667e06ba833c9fb8b0cd11fa8fb35727aecafaUbuntu Security Notice 1119-1 - Multiple security flaws have been fixed in the OMAP4 port of the Linux kernel.
ee2b27059547517c9b31d6346cedd7eacba9014e9eeb821192ed01e86e778b49Mandriva Linux Security Advisory 2011-051 - The Linux 2.6 kernel has been updated to mitigate multiple vulnerabilities related to denial of service, arbitrary code execution, stack memory disclosure, restriction bypass, and more.
4cde969b4cdb9c88d249a1bc077eb95b786a6396542e2655f3fdef84c6102638Ubuntu Security Notice 1072-1 - Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. Dan Jacobson discovered that ThinkPad video output was not correctly access controlled. Various other issues have also been addressed.
812b3e28ec2f6132fd1f95415c8a0227bd33b2de0533cab3591015f15aead3cbMandriva Linux Security Advisory 2011-029 - Multiple vulnerabilities have been discovered and fixed in the Linux 2.6 kernel. The X.25 implementation does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed data, a different vulnerability than CVE-2010-4164. The bcm_connect function Broadcast Manager in the Controller Area Network implementation in the Linux creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename. The install_special_mapping function in mm/mmap.c does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. Various other issues have also been addressed.
65f216d797172b0ef5fb798cc0c6bfad2e1a9bea20f92874be16068901dbc644Ubuntu Security Notice 1057-1 - Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy.
9a69c98fb0ad40a633e5492b8214a1d0050651faf008c16b90593fb3071e0bc6Ubuntu Security Notice 1041-1 - Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. Various other issues have also been addressed.
ea26db62a4d97743642eaeed97eb665811c26eb91fe42e08a560cf013565d264Debian Linux Security Advisory 2126-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.
652a215cfcfeaef0310226d8335344e5825dd30719bdba2815354e1a411557e6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed