Lucene search
K

191 matches found

VulnCheck KEV
VulnCheck KEV
added 2023/05/12 12:0 a.m.5 views

VulnCheck KEV: CVE-2010-3904

Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets RDS protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls...

7.8CVSS6.6AI score0.11217EPSS
Exploits16References1
OSV
OSV
added 2023/03/27 9:15 p.m.9 views

CVE-2023-1078

A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type confusion leads to struct rdsmsgzcopyinfo info actually points to something...

7.8CVSS7.4AI score
Exploits0References5
OSV
OSV
added 2023/03/27 9:15 p.m.3 views

DEBIAN-CVE-2023-1078

A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type confusion leads to struct rdsmsgzcopyinfo info actually points to something...

7.8CVSS6.5AI score0.00251EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.25 views

Debian: Security Advisory (DLA-310-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.9AI score0.06267EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/03/01 1:55 a.m.3 views

SUSE CVE-2023-1078

A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type confusion. Local user can trigger this with rdsmessageput. Type confusion leads to struct rdsmsgzcopyinfo info actually points to something...

7.8CVSS6.2AI score0.00251EPSS
Exploits0References31
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.4 views

SUSE CVE-2010-3865

Integer overflow in the rdsrdmapages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service crash and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets RDS request, which triggers a buffer overflow...

7.2CVSS7.5AI score0.00555EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.2 views

SUSE CVE-2010-4175

Integer overflow in the rdscmsgrdmaargs function net/rds/rdma.c in Linux kernel 2.6.35 allows local users to cause a denial of service crash and possibly trigger memory corruption via a crafted Reliable Datagram Sockets RDS request, a different vulnerability than CVE-2010-3865...

4.9CVSS6.9AI score0.00391EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.3 views

SUSE CVE-2011-1023

The Reliable Datagram Sockets RDS subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service BUGON and system crash via vectors involving 1 a loopback aka loop transmit operation or 2 an InfiniBand aka ib...

4.9CVSS6.2AI score0.00485EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.3 views

SUSE CVE-2012-2372

The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service BUGON and kernel panic by establishing an RDS connection with the source IP address equal to the IPoIB...

4.4CVSS6.1AI score0.00329EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.4 views

PT-2022-35351 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.75 Description: The issue is related to the Linux Kernel's rds tcp reset callbacks function, where the sock lock is held when cancelling work. This could potentially lead to security vulnerabilities,...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.5 views

PT-2022-35856 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue is related to the Linux Kernel's rds tcp reset callbacks function, where the sock lock is held when cancelling work. This could potentially lead to security vulnerabilities,...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/04/13 2:49 a.m.153 views

USN-5377-1: Linux kernel (BlueField) vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 Yiqi Sun and Kevin Wang discovered that the...

9CVSS8AI score0.67994EPSS
Exploits20
Microsoft CVE
Microsoft CVE
added 2020/09/25 12:0 a.m.5 views

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec struct in a Reliable Datagram Sockets (RDS) request which triggers a buffer overflow.

...

7.2CVSS7AI score0.00555EPSS
Exploits1
OSV
OSV
added 2020/02/21 1:35 p.m.11 views

SUSE-SU-2020:14287-1 Security update for java-1_7_1-ibm

This update for java-171-ibm fixes the following issues: Java was updated to 7.1 Service Refresh 4 Fix Pack 60 bsc1162972, bsc1160968. Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport bsc1162972. - CVE-2020-2593: Fixed an incorrect check in...

8.1CVSS6.1AI score0.04903EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2020/02/12 11:22 a.m.5 views

OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

4.3CVSS7.4AI score0.04202EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/11 8:33 a.m.3 views

OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

4.3CVSS7.4AI score0.04202EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/11 8:31 a.m.5 views

OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

4.3CVSS7.4AI score0.04202EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/02/11 8:29 a.m.5 views

OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols...

4.3CVSS7.4AI score0.04202EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/01/30 12:0 a.m.244 views

Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-4257-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4257-1 advisory. It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use th...

8.1CVSS6.9AI score0.04903EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2020/01/29 12:0 a.m.45 views

Ubuntu: Security Advisory (USN-4257-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.04903EPSS
Exploits0References2
Rows per page
Query Builder