Oval Definition:oval:org.mitre.oval:tst:35915
Comment:kernel-BOOT is earlier than 0:2.4.21-57.EL
Type:rpminfo_testNamespace:linux
Check_Existence:at_least_one_existsCheck:at least one
State Operator:AND
References
Object:oval:org.mitre.oval:obj:14219
State:oval:org.mitre.oval:ste:10799
Referencing Definitions
Definition IDClassTitleLast Modified
oval:org.mitre.oval:def:9412
V
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
2013-04-29
oval:org.mitre.oval:def:9648
V
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.
2013-04-29
oval:org.mitre.oval:def:10065
V
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
2013-04-29
oval:org.mitre.oval:def:10719
V
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.
2013-04-29
oval:org.mitre.oval:def:10971
V
The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow.
2013-04-29
oval:org.mitre.oval:def:11108
V
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.
2013-04-29
oval:org.mitre.oval:def:11329
V
Linux kernel before 2.4.21 allows local users to cause a denial of service (kernel panic) via asynchronous input or output on a FIFO special file.
2013-04-29
oval:org.mitre.oval:def:11843
V
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
2013-04-29
BACK