Linux kernel权限许可和访问控制漏洞

漏洞信息详情

Linux kernel权限许可和访问控制漏洞

漏洞简介

Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。

Linux kernel 2.6版本的security/keys/user_defined.c的user_update函数中存在漏洞。本地用户可利用该漏洞借助与user-defined key和\”updating a negative key into a fully instantiated key.\”相关的向量导致拒绝服务(空指针引用或者内核 oops)。

漏洞公告

目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:

https://bugzilla.redhat.com/show_bug.cgi?id=751297

参考网址

来源: bugzilla.redhat.com

链接:https://bugzilla.redhat.com/show_bug.cgi?id=751297

来源: MLIST

名称: [linux-kernel] 20111115 [PATCH] KEYS: Fix a NULL pointer deref in the user-defined key type

链接:https://lkml.org/lkml/2011/11/15/363

来源: BID

名称: 50755

链接:http://www.securityfocus.com/bid/50755

来源: MLIST

名称: [oss-security] 20111121 Re: CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type

链接:http://www.openwall.com/lists/oss-security/2011/11/22/6

来源: MLIST

名称: [oss-security] 20111122 Re: CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type

链接:http://www.openwall.com/lists/oss-security/2011/11/22/5

来源: MLIST

名称: [oss-security] 20111121 CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type

链接:http://www.openwall.com/lists/oss-security/2011/11/21/19

来源:SECUNIA

名称:47008

链接:http://secunia.com/advisories/47008

来源:SECUNIA

名称:47027

链接:http://secunia.com/advisories/47027

来源:SECUNIA

名称:47159

链接:http://secunia.com/advisories/47159

来源:SECUNIA

名称:47366

链接:http://secunia.com/advisories/47366

来源:SECUNIA

名称:47438

链接:http://secunia.com/advisories/47438

来源:SECUNIA

名称:47502

链接:http://secunia.com/advisories/47502

来源:SECUNIA

名称:47511

链接:http://secunia.com/advisories/47511

来源:SECUNIA

名称:47517

链接:http://secunia.com/advisories/47517

来源:SECUNIA

名称:47526

链接:http://secunia.com/advisories/47526

来源:SECUNIA

名称:47542

链接:http://secunia.com/advisories/47542

来源:SECUNIA

名称:47551

链接:http://secunia.com/advisories/47551

来源:SECUNIA

名称:47568

链接:http://secunia.com/advisories/47568

来源:SECUNIA

名称:47570

链接:http://secunia.com/advisories/47570

来源:SECUNIA

名称:47695

链接:http://secunia.com/advisories/47695

来源:SECUNIA

名称:47716

链接:http://secunia.com/advisories/47716

来源:SECUNIA

名称:47718

链接:http://secunia.com/advisories/47718

来源:SECUNIA

名称:47726

链接:http://secunia.com/advisories/47726

来源:SECUNIA

名称:47754

链接:http://secunia.com/advisories/47754

来源:SECUNIA

名称:47757

链接:http://secunia.com/advisories/47757
来源:NSFOCUS
名称:20805
链接:http://www.nsfocus.net/vulndb/20805

来源:NSFOCUS
名称:18233
链接:http://www.nsfocus.net/vulndb/18233

受影响实体

© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享