CVE-2007-6206 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, linux_enterprise_desktop, linux_enterprise_real_time_extension, linux_enterprise_server, linux_enterprise_software_development_kit, linux_kernel, opensuse, ubuntu_linux)

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.

View Full Alert

CVE-2009-2910 (enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_workstation, fedora, linux_enterprise_debuginfo, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, linux_kernel, opensuse, ubuntu_linux, virtualization)
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register…
CVE-2014-3675 (enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_server_tus, enterprise_linux_workstation, shim)
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet. View Full Alert
CVE-2016-9401 (bash, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_server_tus, enterprise_linux_workstation)
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. View Full Alert

410-897-9494
Receive RedZone Security Updates in Your InboxContact Us

Leave a Reply Cancel reply

Related Posts

Leave a Reply Cancel reply