Ulrich Obergfell

Pesquisador deRed Hat
#14346de 53,638
18.7CVSS total
Vulnerabilidades · 4
Média
4
PT-2016-4069
5.5
2015-11-10
Linux · Linux Kernel · CVE-2015-8953
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.2.6 **Description** The issue is related to an incorrect cleanup code path in the fs/overlayfs/copy up.c file, which can cause a denial of service due to a dentry reference leak. This occurs when local users perform filesystem operations on a large file in a lower overlayfs layer. **Recommendations** For Linux kernel versions prior to 4.2.6, update to version 4.2.6 or later to resolve the issue.
PT-2012-3991
4.0
2012-05-18
Linux · Linux Kernel · CVE-2012-2373
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.4.5 **Description** The issue is related to the improper use of the Page Middle Directory (PMD) when Physical Address Extension (PAE) is enabled on the x86 platform. This can lead to a denial of service (panic) via a crafted application that triggers a race condition. **Recommendations** For versions prior to 3.4.5, update to version 3.4.5 or later to resolve the issue.
PT-2012-3109
5.2
2012-04-23
Linux · Linux Kernel · CVE-2012-1179
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.3.1 **Description** The issue allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the `pmd none or clear bad` function and page faults for huge pages. A privileged user in the KVM guest can use this flaw to crash the host. An unprivileged local user could use this flaw to crash the system. **Recommendations** For versions prior to 3.3.1, update to version 3.3.1 or later to resolve the issue. As a temporary workaround, consider restricting administrative access to the guest OS to minimize the risk of exploitation.
PT-2009-1235
4.0
2009-01-13
Linux · Linux Kernel · CVE-2008-4307
**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 2.6.26 **Description** A race condition exists in the do setlk function, allowing local users to cause a denial of service by interrupting an RPC call, resulting in a stray FL POSIX lock. This issue is related to the improper handling of a race between fcntl and close in the EINTR case. **Recommendations** For Linux kernel versions prior to 2.6.26, update to version 2.6.26 or later to resolve the issue.