| condizione di competizione nelle funzioni sysfs_read_file e sysfs_write_file in kernel Linux 2.6.10 prima consente agli utenti locali di leggere la memoria del kernel e causano un denial of service (crash) tramite un grande ritardo nei file sysfs. |
| http://www.securityfocus.com/bid/13091 http://kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.10-rc1/2.6.10-rc1-mm1/broken-out/fix-race-in-sysfs_read_file-and-sysfs_write_file.patch http://linux.bkbits.net:8080/linux-2.6/cset%404186a4deVoR88JjTwMa3ZnIp-_YJsA http://www.debian.org/security/2005/dsa-922 http://www.mandriva.com/security/advisories?name=MDKSA-2005:218 http://www.mandriva.com/security/advisories?name=MDKSA-2005:219 http://secunia.com/advisories/17826 http://secunia.com/advisories/18056 http://www.novell.com/linux/security/advisories/2005_44_kernel.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2302 |
Vulnerabilità: CVE-2004-2302
