1919 matches found

Broadcom
added 2017/08/25 12:0 a.m. · 5 views

BSA-2017-353

Security Advisory ID: BSA-2017-353 · Component: Linux Kernel · Revision: 3.0: Interim. The IPv6 DCCP implementation in the Linux kernel mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue t...

CVSS 7.8 · AI score 7.2 · EPSS 0.01372 · Exploits 5

Broadcom
added 2017/08/25 12:0 a.m. · 9 views

BSA-2017-373

Security Advisory ID: BSA-2017-373 · Component: NFSv4 · Revision: 2.0: Interim. The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is...

CVSS 7.8 · AI score 6.7 · EPSS 0.08665 · Exploits 0

Tenable Nessus
added 2017/07/13 12:0 a.m. · 35 views

Virtuozzo 6 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0293)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.8 · AI score 6.4 · EPSS 0.0596 · Exploits 13 · References 3

Tenable Nessus
added 2017/07/13 12:0 a.m. · 24 views

Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0294)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.8 · AI score 6.4 · EPSS 0.0596 · Exploits 13 · References 3

Fedora
added 2017/07/04 12:22 a.m. · 9 views

[SECURITY] Fedora 24 Update: globus-io-11.9-1.fc24

The Globus Toolkit is an open source software toolkit used for building Grid systems and applications. It is being developed by the Globus Alliance and many others all over the world. A growing number of projects and companies are using the Globus Toolkit to unlock the potential of grids for thei...

AI score 3.3 · Exploits 0

OSV
added 2017/07/02 5:29 p.m. · 2 views

DEBIAN-CVE-2017-8797

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...

CVSS 7.5 · AI score 6.5 · EPSS 0.08665 · Exploits 0 · References 1

OSV
added 2017/07/02 5:29 p.m. · 2 views

UBUNTU-CVE-2017-8797

The NFSv4 server in the Linux kernel before 4.11.3 does not properly validate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used a...

CVSS 7.5 · AI score 6.8 · EPSS 0.08665 · Exploits 0 · References 2

BDU FSTEC
added 2017/06/30 12:0 a.m. · 5 views

The vulnerability of the Linux operating system allows a hacker to trigger a service failure or gain superuser privileges.

The vulnerability of the dccp_rcv_state_process function in the net/dccp/input.c file of the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to gain superuser privileges by improperly managing the...

CVSS 7.8 · AI score 6.8 · EPSS 0.0596 · Exploits 13 · References 53 · Affected Software 1

CNVD
added 2017/06/22 12:0 a.m. · 2 views

Cisco Virtualized Packet Core-Distributed Instance Denial of Service Vulnerability

Cisco Virtualized Packet Core (VPC) is the StarOS release by product. A security vulnerability in the ingress UDP packet processing function of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software could allow an unauthenticated, remote attacker to cause a denial of service by overloadin...

CVSS 7.8 · AI score 6.8 · EPSS 0.01738 · Exploits 0 · References 1

BDU FSTEC
added 2017/06/15 12:0 a.m. · 5 views

The vulnerability of the dccp_v6_request_recv_sock function in the net/dccp/ipv6.c file of the Linux kernel allows an attacker to cause a service failure or exert other effects.

The vulnerability of the dccp_v6_request_recv_sock function in the net/dccp/ipv6.c module of the Linux kernel is related to incorrect data processing. Exploiting this vulnerability could allow an attacker acting locally to cause service failures or other adverse effects due to system calls...

CVSS 7.3 · AI score 6.4 · EPSS 0.00366 · Exploits 1 · References 6 · Affected Software 1

Positive Technologies
added 2017/05/19 12:0 a.m. · 7 views

PT-2017-2222 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11.1. Description: The issue is related to the dccp_v6_request_recv_sock function in the net/dccp/ipv6.c file of the Linux kernel, which mishandles inheritance. This allows local users to cause a denial of...

CVSS 10 · AI score 8 · EPSS 0.60631 · Exploits 104 · References 897

BDU FSTEC
added 2017/05/18 12:0 a.m. · 6 views

The vulnerability of the UDP service in the Microsoft Windows operating system allows a perpetrator to cause a service failure and a device restart.

The vulnerability of the UDP service in the Microsoft Windows operating system is related to insufficient data processing speed. Exploiting this vulnerability can allow a malicious actor to cause service failure and forced restarts of devices through specially crafted SIP messages...

CVSS 7.8 · AI score 7.2 · EPSS 0.02479 · Exploits 0 · References 3 · Affected Software 1

RedHat Linux
added 2017/05/09 4:41 p.m. · 10 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

CVSS 7.8 · AI score 7.1 · EPSS 0.0596 · Exploits 13 · References 5

CNVD
added 2017/05/08 12:0 a.m. · 2 views

rpcbind, LIBTIRPC and NTIRPC Denial of Service Vulnerabilities

rpcbind, LIBTIRPC, and NTIRPC are all applications used in Linux. rpcbind is a server that translates RPC program numbers into generic addresses; LIBTIRPC is a package that contains libraries to support programs that use the Remote Procedure Call (RPC) API; and NTIRPC is a stand-alone RPC library f...

CVSS 7.8 · AI score 6.7 · EPSS 0.81921 · Exploits 4 · References 1

OSV
added 2017/05/04 2:29 p.m. · 2 views

DEBIAN-CVE-2017-8779

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a...

CVSS 7.5 · AI score 7.2 · EPSS 0.81921 · Exploits 4 · References 1

OSV
added 2017/05/04 12:0 a.m. · 2 views

UBUNTU-CVE-2017-8779

rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a...

CVSS 7.5 · AI score 7.2 · EPSS 0.81921 · Exploits 4 · References 11

Tenable Nessus
added 2017/05/01 12:0 a.m. · 219 views

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1057)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB socket buffer...

CVSS 7.8 · AI score 6.7 · EPSS 0.0596 · Exploits 15 · References 6

CNVD
added 2017/04/20 12:0 a.m. · 1 views

Cisco Unified Communications Manager UDP Handling Denial of Service Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. Cisco Unified Communications Manager has a security vulnerability in the Session Initiation Protocol (SIP) UDP throttling process, which could be exploited by a remote attacker to submit a special reque...

CVSS 7.8 · AI score 7 · EPSS 0.02479 · Exploits 0 · References 1

RedHat Linux
added 2017/04/12 10:51 a.m. · 89 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.8 · AI score 6.9 · EPSS 0.0596 · Exploits 21 · References 7

RedHat Linux
added 2017/04/12 10:51 a.m. · 5 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

CVSS 7.8 · AI score 7.1 · EPSS 0.0596 · Exploits 13 · References 5