Lucene search
K

549 matches found

CNVD
CNVD
added 2018/01/25 12:0 a.m.6 views

Linux kernel denial of service vulnerability (CNVD-2018-03167)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the crypto/pcrypt.c file in versions of Linux kernel prior to 4.14.13, which stems from the program's failure to properly handle the...

7.8CVSS7.2AI score0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/24 10:0 a.m.31 views

CVE-2017-18075

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt CONFIGCRYPTOPCRYPT to cause a denial of service kfree of an incorrect pointer or possibly have unspecified other...

7.6AI score0.00408EPSS
Exploits0References7
OSV
OSV
added 2018/01/24 12:0 a.m.2 views

UBUNTU-CVE-2017-18075

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt CONFIGCRYPTOPCRYPT to cause a denial of service kfree of an incorrect pointer or possibly have unspecified other...

7.8CVSS6.8AI score0.00408EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2018/01/24 12:0 a.m.22 views

CVE-2017-18075

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AFALG-based AEAD interface CONFIGCRYPTOUSERAPIAEAD and pcrypt CONFIGCRYPTOPCRYPT to cause a denial of service kfree of an incorrect pointer or possibly have unspecified other...

7.8CVSS6.8AI score0.00408EPSS
Exploits0References6
ArchLinux
ArchLinux
added 2017/05/13 12:0 a.m.62 views

[ASA-201705-16] openvpn: denial of service

Arch Linux Security Advisory ASA-201705-16 ========================================== Severity: High Date : 2017-05-13 CVE-ID : CVE-2017-7478 CVE-2017-7479 Package : openvpn Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-271 Summary ======= The package openvpn...

7.5CVSS1.2AI score0.13892EPSS
Exploits2References6
OSV
OSV
added 2016/09/06 12:0 p.m.19 views

RUSTSEC-2016-0005 rust-crypto is unmaintained; switch to a modern alternative

The rust-crypto crate has not seen a release or GitHub commit since 2016, and its author is unresponsive. NOTE: The old rust-crypto crate with hyphen should not be confused with similarly named new RustCrypto GitHub Org without hyphen. The GitHub Org is actively maintained. We recommend you switc...

7AI score
Exploits0References3
NVD
NVD
added 2015/05/27 10:59 a.m.15 views

CVE-2015-3331

The driverrfc4106decrypt function in arch/x86/crypto/aesni-intelglue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service buffer overflow and system crash or possibly...

9.3CVSS6AI score0.10108EPSS
Exploits0References17
CVE
CVE
added 2015/05/27 10:0 a.m.178 views

CVE-2015-3331

CVE-2015-3331 affects the Linux kernel up to 3.19.2, where __driver_rfc4106_decrypt in arch/x86/crypto/aesni-intel_glue.c mishandles memory locations for encrypted data, enabling a context-dependent attacker to trigger a buffer overflow via a crypto API call (e.g., with a libkcapi test program us...

9.3CVSS6.6AI score0.10108EPSS
Exploits0References17Affected Software1
UbuntuCve
UbuntuCve
added 2015/04/21 12:0 a.m.40 views

CVE-2015-3331

The driverrfc4106decrypt function in arch/x86/crypto/aesni-intelglue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service buffer overflow and system crash or possibly...

9.3CVSS7AI score0.10108EPSS
Exploits0References9
Rows per page
Query Builder