Vserver Linux-Vserver vulnerabilities

CVE-2005-0178 [MEDIUM] CVE-2005-0178: Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial o Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.

CVE-2004-2613 [CRITICAL] CVE-2004-2613: Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.2 Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408.

CVE-2004-2408 [LOW] CVE-2004-2408: Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions ac Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions across all virtual and host servers, which allows local users with the ability to set permissions in /proc to obtain system information or cause a denial of service on other virtual servers or the host server.

CVE-2003-1288 [MEDIUM] CVE-2003-1288: Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions.