Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2015-3014)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-3014 advisory. - kvm: fix excessive pages un-pinning in kvmiommumap error path. Quentin Casasnovas Orabug: 20687314 CVE-2014-3601 CVE-2014-8369 CVE-2014-3601 -...

Mail.ru: [connect.mail.ru] Memory Disclosure / IE XSS

Memory Disclosure ---- При обращении к сценариям https://connect.mail.ru/sharefriends https://connect.mail.ru/sharecount https://connect.mail.ru/sharebutton следующим образом: GET /xxx/%2e%2e/sharefriends HTTP/1.1 Host: connect.mail.ru выводится ошибка о некорректном пути invalid request path:...

Qemu: qcow2: NULL dereference in qcow2_open() error path

The qcow2open function in the block/qcow2.c in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service NULL pointer dereference via a crafted image which causes an error, related to the initialization of the snapshotoffset and nbsnapshots fields...

Qemu: qcow2: NULL dereference in qcow2_open() error path

The qcow2open function in the block/qcow2.c in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service NULL pointer dereference via a crafted image which causes an error, related to the initialization of the snapshotoffset and nbsnapshots fields...

DEBIAN-CVE-2012-4561

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...

DEBIAN-CVE-2012-6031

The dotmemget function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service CPU hang and host crash via unspecified vectors related to a spinlock being held in the "badcopy error path." NOTE: this issue was originally published as part o...

DEBIAN-CVE-2012-6030

The dotmemop function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service host crash and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was...

CVE-2012-6030

The dotmemop function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service host crash and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was...

Design/Logic Flaw

The dotmemop function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service host crash and possibly have other unspecified impacts via unspecified vectors related to "broken locking checks" in an "error path." NOTE: this issue was...

CVE-2012-6031

The dotmemget function in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 allow local guest OS users to cause a denial of service CPU hang and host crash via unspecified vectors related to a spinlock being held in the "badcopy error path." NOTE: this issue was originally published as part o...

ClamAV < 0.97 Multiple Vulnerabilities

According to its version, the clamd antivirus daemon on the remote host is earlier than 0.97. Such versions reportedly are affected by multiple vulnerabilities : - As-yet unspecified double-free issues involving an error path exist in 'libclamav/vbaextract.c' and 'shared/cdiff.c'. Bug 2486 and...

ClamAV < 0.94 Multiple Vulnerabilities

According to its version, the clamd antivirus daemon on the remote host is earlier than 0.94. Such versions are affected by one or more of the following issues : - A segmentation fault can occur when processing corrupted LZH files. Bug 1052 - Invalid memory access errors in 'libclamav/chmunpack.c...

CVE-2008-3914

Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in 1 libclamav/others.c and 2 libclamav/sis.c...

DEBIAN-CVE-2008-3914

Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in 1 libclamav/others.c and 2 libclamav/sis.c...

kernel security and bug fix update

2.6.18-92.1.10.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - splice Fix bad unlockpage in error case Jens Axboe orabug 6263574 - dio fix error-path crashes Linus Torvalds orabug 6242289 - NET fix netpoll race Tina Yang orabugz 5791 2.6.18-92.1.10.el5 - ia64...

kernel security and bug fix update

2.6.18-92.1.6.0.2.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki orabug 6045759 - splice Fix bad unlockpage in error case Jens Axboe orabug 6263574 - dio fix error-path crashes Linus Torvalds orabug 6242289 - NET fix netpoll race Tina Yang orabugz 5791 2.6.18-92.1.6.el5 - x86 sanity...

kernel security and bug fix update

2.6.18-53.1.19.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlockpage in error case Jens Axboe ORA 6263574...

Important: kernel security and bug fix update

2.6.18-53.1.6.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki ORA 6045759 - NET Fix msi issue with kexec/kdump Michael Chan ORA 6219364 - MM Fix allocpagesnode static nid' race made kernel crash Joe Jin ORA 6187457 - splice Fix bad unlockpage in error case Jens Axboe ORA 6263574 ...

Security fix for the ALT Linux 5 package samba version 3.0.28-alt1

Dec. 10, 2007 Alexander Bokovoy 3.0.28-alt1 - Fixed: + CVE-2007-6015: == Specifically crafted GETDC mailslot requests == can trigger a boundary error in the domain == controller GETDC mail slot support which == can be remotely exploited to execute arbitrary == code. + fix error path in local...

security flaw

The aiosetupring function in Linux kernel does not properly initialize a variable, which allows local users to cause a denial of service crash via an unspecified error path that causes an incorrect free operation...