Lucene search
K

1940 matches found

OSV
OSV
added 2014/03/24 4:40 p.m.1 views

DEBIAN-CVE-2013-7339

The rdsibladdrcheck function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports...

4.7CVSS6.3AI score0.00476EPSS
Exploits2References1
OSV
OSV
added 2014/03/24 12:0 a.m.3 views

UBUNTU-CVE-2014-2523

net/netfilter/nfconntrackprotodccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a DCCP packet that triggers a call to the 1 dccpnew, 2 dccppacket, or 3...

10CVSS7.1AI score0.10385EPSS
Exploits1References11
RedHat Linux
RedHat Linux
added 2014/03/11 5:7 p.m.9 views

Kernel: net: memory corruption with UDP_CORK and UFO

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

6.9CVSS7.2AI score0.00589EPSS
Exploits1References4
Ubuntu
Ubuntu
added 2014/03/07 11:30 a.m.97 views

USN-2134-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported an error in the Linux Kernel's Kernel Virtual Machine KVM...

6.2CVSS6.7AI score0.10209EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2013/12/12 7:13 p.m.4 views

Kernel: net: memory corruption with UDP_CORK and UFO

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

6.9CVSS7.2AI score0.00589EPSS
Exploits1References4
Cisco
Cisco
added 2013/11/13 8:19 p.m.29 views

Cisco IOS Software SSL VPN Interface Queue Wedge Denial of Service Vulnerability

A vulnerability in the Datagram Transport Layer Security DTLS function of the Cisco IOS Software SSL VPN feature could allow an authenticated, remote attacker to cause the SSL VPN gateway interface to stop processing traffic when the queue is full, resulting in a denial of service DoS condition...

6.8CVSS6.9AI score0.01498EPSS
Exploits0References1
OSV
OSV
added 2013/11/04 3:55 p.m.1 views

DEBIAN-CVE-2013-4470

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

6.9CVSS7.4AI score0.00589EPSS
Exploits1References1
OSV
OSV
added 2013/11/04 12:0 a.m.2 views

UBUNTU-CVE-2013-4470

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

6.9CVSS7.1AI score0.00589EPSS
Exploits1References15
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.4 views

SSL/TLS: CBC padding timing attack (lucky-13)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

2.6CVSS6.8AI score0.35584EPSS
Exploits1References7
OSV
OSV
added 2013/10/10 10:55 a.m.2 views

DEBIAN-CVE-2013-4387

net/ipv6/ip6output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload UFO processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service memory corruption and system crash or...

6.1CVSS8.3AI score0.02578EPSS
Exploits1References1
OSV
OSV
added 2013/07/29 1:59 p.m.2 views

DEBIAN-CVE-2013-4162

The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service BUG and system crash via a crafted application that uses the UDPCORK option ...

4.7CVSS5.8AI score0.0042EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.36 views

Oracle Linux 5 : kernel (ELSA-2012-1540-1)

From Red Hat Security Advisory 2012:1540 : Updated kernel packages that fix multiple security issues, two bugs, and add two enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common...

7.1CVSS7.4AI score0.0285EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2013/07/03 4:18 p.m.3 views

SSL/TLS: CBC padding timing attack (lucky-13)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

2.6CVSS6.8AI score0.35584EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2013/05/22 6:33 p.m.12 views

SSL/TLS: CBC padding timing attack (lucky-13)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

2.6CVSS6.8AI score0.35584EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2013/05/01 5:59 p.m.7 views

SSL/TLS: CBC padding timing attack (lucky-13)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

2.6CVSS6.8AI score0.35584EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2013/03/19 12:0 a.m.53 views

Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1768-1)

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. CVE-2013-0190 A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. ...

6.5CVSS7AI score0.01557EPSS
Exploits4References10
OpenVAS
OpenVAS
added 2013/03/19 12:0 a.m.42 views

Ubuntu Update for linux USN-1769-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN17691.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux USN-1769-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

6.5CVSS0.3AI score0.01557EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2013/03/19 12:0 a.m.40 views

Ubuntu 12.10 : linux vulnerabilities (USN-1769-1)

Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. CVE-2013-0190 A failure to validate input was discovered in the Linux kernel's Xen netback network backend driver. ...

6.5CVSS7AI score0.01557EPSS
Exploits4References10
RedHat Linux
RedHat Linux
added 2013/03/13 2:40 p.m.7 views

SSL/TLS: CBC padding timing attack (lucky-13)

The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...

2.6CVSS6.8AI score0.35584EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2013/03/11 6:31 p.m.6 views

kernel: net: infinite loop in __skb_recv_datagram()

The skbrecvdatagram function in net/core/datagram.c in the Linux kernel before 3.8 does not properly handle the MSGPEEK flag with zero-length data, which allows local users to cause a denial of service infinite loop and system hang via a crafted application...

4.9CVSS5.8AI score0.00402EPSS
Exploits0References4
Rows per page
Query Builder