Ubuntu: Security Advisory (USN-3677-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

memcached: UDP server support allows spoofed traffic amplification DoS

It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service DDoS attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causi...

memcached: UDP server support allows spoofed traffic amplification DoS

It was discovered that the memcached connections using UDP transport protocol can be abused for efficient traffic amplification distributed denial of service DDoS attacks. A remote attacker could send a malicious UDP request using a spoofed source IP address of a target system to memcached, causi...

kernel: Use-after-free vulnerability in DCCP socket

A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...

kernel: Use-after-free vulnerability in DCCP socket

A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...

USN-3632-1: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

Ubuntu 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3632-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3632-1 advisory. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker...

kernel: Use-after-free vulnerability in DCCP socket

A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...

CVE-2018-0016

Receipt of a specially crafted Connectionless Network Protocol CLNP datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly...

CVE-2018-0016

Receipt of a specially crafted Connectionless Network Protocol CLNP datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly...

Design/Logic Flaw

Receipt of a specially crafted Connectionless Network Protocol CLNP datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly...

CVE-2018-0016

CVE-2018-0016 affects Junos OS 15.1 (and related 15.1.x and 15.1X5x/15.1X53 lines) where CLNS routing or ES-IS is configured. A specially crafted CLNP datagram can crash the kernel or enable remote code execution on interfaces that have CLNS routing/ESIS enabled; devices with CLNS disabled are no...

kernel: Use-after-free vulnerability in DCCP socket

A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...

kernel: Use-after-free vulnerability in DCCP socket

A use-after-free vulnerability was found in DCCP socket code affecting the Linux kernel since 2.6.16. This vulnerability could allow an attacker to their escalate privileges...

The vulnerability of the QoS subsystem of Cisco IOS and Cisco IOS XE operating systems allows a attacker to trigger service failures and execute arbitrary code.

The vulnerability of the Quality of Service QoS subsystem of Cisco IOS and Cisco IOS XE operating systems arises from operations that exceed buffer limits in memory when processing certain values in packets. Exploiting this vulnerability allows a malicious actor to cause service failures and...

Ubuntu: Security Advisory (USN-3620-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3620-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3620-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch...

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3620-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3620-1 advisory. It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A...

USN-3620-1: Linux kernel vulnerabilities

It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAPNETADMIN privilege could use this to cause a denial of service system crash or possibly execute arbitrary code...

artemis/hornetq: memory exhaustion via UDP and JGroups discovery

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError...