Linux Kernel多个本地漏洞

漏洞信息详情

Linux Kernel多个本地漏洞

漏洞简介

Linux kernel 2.6.10以前的版本的ip_options_get函数存在内存泄漏漏洞,本地用户通过重复的调用ip_cmsg_send函数导致服务拒绝(内存消耗)。

漏洞公告

Reportedly, these vulnerabilities are addressed in versions 2.6.10rc3bk5 and 2.4rc of the Linux kernel, but this is not confirmed.
Please see the referenced advisories for more information.
RedHat Fedora Core1

Linux kernel 2.4.17

参考网址

来源: XF
名称: linux-ipoptionsget-memory-leak(18524)
链接:http://xforce.iss.net/xforce/xfdb/18524

来源: FULLDISC
名称: 20041215 fun with linux kernel
链接:http://www.securitytrap.com/mail/full-disclosure/2004/Dec/0323.html

来源: BID
名称: 11956
链接:http://www.securityfocus.com/bid/11956

来源: www.guninski.com
链接:http://www.guninski.com/where_do_you_want_billg_to_go_today_2.html

来源: BUGTRAQ
名称: 20041215 [USN-47-1] Linux kernel vulnerabilities
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=110383108211524&w=2

来源: OVAL
名称: oval:org.mitre.oval:def:11085
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11085

来源: REDHAT
名称: RHSA-2005:017
链接:http://www.redhat.com/support/errata/RHSA-2005-017.html

来源: REDHAT
名称: RHSA-2005:016
链接:http://www.redhat.com/support/errata/RHSA-2005-016.html

来源: DEBIAN
名称: DSA-1082
链接:http://www.debian.org/security/2006/dsa-1082

来源: DEBIAN
名称: DSA-1070
链接:http://www.debian.org/security/2006/dsa-1070

来源: DEBIAN
名称: DSA-1069
链接:http://www.debian.org/security/2006/dsa-1069

来源: DEBIAN
名称: DSA-1067
链接:http://www.debian.org/security/2006/dsa-1067

来源: SECUNIA
名称: 20338
链接:http://secunia.com/advisories/20338

来源: SECUNIA
名称: 20202
链接:http://secunia.com/advisories/20202

来源: SECUNIA
名称: 20163
链接:http://secunia.com/advisories/20163

© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享