CVE-2007-6694

Related Files

Ubuntu Security Notice 618-1

Posted Jun 20, 2008

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 618-1 - Memory access issues, buffer overflows, denial of service, race conditions.. all sorts of fun and mayhem has been addressed in the Linux 2.6 kernel branch on Ubuntu.

tags | advisory, denial of service, overflow, kernel

systems | linux, ubuntu

advisories | CVE-2007-4571, CVE-2007-5904, CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375, CVE-2008-1669

SHA-256 | 0acf6967795b6e572efa6fa96bc8daa4c48aa9762c583cd6ee70d852449a6d06

Download | Favorite | View

Ubuntu Security Notice 614-1

Posted Jun 4, 2008

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 614-1 - It was discovered that PowerPC kernels did not correctly handle reporting certain system details. By requesting a specific set of information, a local attacker could cause a system crash resulting in a denial of service. A race condition was discovered between dnotify fcntl() and close() in the kernel. If a local attacker performed malicious dnotify requests, they could cause memory consumption leading to a denial of service, or possibly send arbitrary signals to any process. On SMP systems, a race condition existed in fcntl(). Local attackers could perform malicious locks, causing system crashes and leading to a denial of service. The tehuti network driver did not correctly handle certain IO functions. A local attacker could perform malicious requests to the driver, potentially accessing kernel memory, leading to privilege escalation or access to private system information.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2007-6694, CVE-2008-1375, CVE-2008-1669, CVE-2008-1675

SHA-256 | ca2f984d27aa5deee1f3c6719dc2cd35d3ea868489fb3ea00ecf5c0f4810bbeb

Download | Favorite | View

Debian Linux Security Advisory 1565-1

Posted May 1, 2008

Authored by Debian | Site debian.org

Debian Security Advisory 1565-1 - Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. Cyrill Gorcunov reported a NULL pointer dereference in code specific to the CHRP PowerPC platforms. Local users could exploit this issue to achieve a Denial of Service (DoS). Nick Piggin of SuSE discovered a number of issues in subsystems which register a fault handler for memory mapped areas. This issue can be exploited by local users to achieve a Denial of Service (DoS) and possibly execute arbitrary code. David Peer discovered that users could escape administrator imposed cpu time limitations (RLIMIT_CPU) by setting a limit of 0. Alexander Viro discovered a race condition in the directory notification subsystem that allows local users to cause a Denial of Service (oops) and possibly result in an escalation of privileges.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability

systems | linux, suse, debian

advisories | CVE-2007-6694, CVE-2008-0007, CVE-2008-1294, CVE-2008-1375

SHA-256 | ed43a1ccb15a2ec568645c1df25b8fe8d03affe766fc2a7cde70bedba788f722

Download | Favorite | View