Linux Today - Linux Kernel "vmsplice()" System Call Vulnerabilities

search.internet.com

Become a Marketplace Partner

internet.commerce

Be a Commerce Partner

Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices

Technology Jobs

LinuxToday Newsletters

Subscribe News
Subscribe PR
Subscribe Security

internet.com

IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

Current Newswire:

Easy (and amazing) Debian for the N900

Insight into GNU/Linux boot process

Reviewed: OpenOffice.org 3.2

Creating An NFS-Like Standalone Storage Server With GlusterFS On CentOS 5.4

Open Source is Not a Democracy

Open Source Gets Political

Open source and the Morevna project

Android market going down the drain?

All Done With Ubuntu

Google Offers Migration Tool for Microsoft Exchange Data

Systems Engineer Sr – Solaris – Linux – Logical Domains (CO)
Next Step Systems
US-CO-Thornton

Justtechjobs.com

Post A Job | Post A Resume

:Linux Kernel "vmsplice()" System Call Vulnerabilities

Linux Kernel "vmsplice()" System Call Vulnerabilities
Feb 11, 2008, 14 :00 UTC (2 Talkback[s]) (5847 reads)

"Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges.
"The vulnerabilities are caused due to the missing verification of parameters within the 'vmsplice_to_user()', 'copy_from_user_mmap_sem()', and 'get_iovec_page_array()' functions in fs/splice.c before using them to perform certain memory operations..."

Related Stories:
Linux Detecting/Checking Rootkits with Chkrootkit and rkhunter Software(Jan 29, 2008)
Abusing chroot(Sep 30, 2007)
SELinux--Is It *Really* Too Complex?(Sep 28, 2007)
Five Ways SELinux May Surprise You(May 06, 2007)

Index Mode | Flat Mode | Thread Mode | Thread Flat

Name and Date

Debian

BD
Feb 11, 2008, 16:40:40

Erek Dyskant
Feb 11, 2008, 20:25:32

Home | Search Talkbacks | Customize View

Top of Page

Enter your comments below:

All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP

The Network for Technology Professionals

Search:

About Internet.com

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers

Solutions

Whitepapers and eBooks

Article: Adobe Helps PHP Developers Create Rich Internet Applications
Case Study: Microsoft IT Strengthens Security with Data Loss Prevention Solution
Article: Reduce Your Infrastructure Costs with Microsoft System Center
Intel Brief: Five-Star IT Support--Intel Core 2 processor with vPro Delivers ROI of 524 Percent
Article: Security Enhancements Abound in Windows Server 2008
Article: Enterprise Social Computing with Microsoft SharePoint 2010
Intel Whitepaper: Implementing Intel vPro Technology to Drive Down Client Management Costs
Microsoft Whitepaper: Improve Communications and Collaboration
Intel Article: Intel Core i5 vPro Brings Intelligence to the Processor
Microsoft Personalized Whitepapers and Resources for You
Microsoft Articles: Visual Studio 2010
Adobe Article: Java Developers Finding a Home at Adobe Flex
Microsoft Whitepaper: Make Better Decisions - SQL Server 2008 Business Intelligence.
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Video: How System Center Helps Reduce IT Costs
IBM Cloud Computing for Developers Virtual Event, April 6-8
Microsoft Video: OCS and Exchange: Platform Futures
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us
Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Learn Unified Communications
Learn SQL Server 2008
Learn Windows Server 2008 R2
Internet.com Hot List: Get the Inside Scoop on IT and Developer Products
Learn Forefront
Learn System Center
All About Botnets
Learn SharePoint
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES