SUSE CVE-2017-1000112

Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSGMORE ipappenddata calls ipufoappenddata to append. However in between two send calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In...

Ubuntu: Security Advisory (USN-3386-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the way the Linux kernel handled fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload UFO functionality on. A remote attacker could use this flaw to cause a denial of service...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1475)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: Exploitable memory corruption due to UFO to non-UFO path switch

An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ipufoappenddata when building an UFO packet with MSGMORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privilege...

EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1475)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The skbflowdissect function in net/core/flowdissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denia...

Heap-based Out-Of-Bounds Write

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way IP packets with an Internet Header Length ihl of zero were processed in the skbflowdissect function in the Linux kernel. A remote attacker could use this flaw to trigger an infinit...

Virtuozzo 7 : readykernel-patch (VZA-2017-071)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented ...

Virtuozzo 7 : readykernel-patch (VZA-2017-073)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented ...

Virtuozzo 7 : readykernel-patch (VZA-2017-072)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented ...

Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.1 for Virtuozzo 7.0.5

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernel 3.10.0-514.26.1.vz7.33.22 Virtuozzo 7.0.5. Vulnerability id: CVE-2017-1000111 A race condition issue leading to a use-after-free flaw was found in the way the raw packet...

Important kernel security update: CVE-2017-1000111 and other; Virtuozzo ReadyKernel patch 29.0 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.36.1.vz7.18.7 Virtuozzo 7.0.1, and 3.10.0-327.36.1.vz7.20.18 Virtuozzo 7.0.3. Vulnerability id: CVE-2017-1000111 A...

USN-3385-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04...

USN-3385-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code...

USN-3385-2 linux-lts-xenial vulnerabilities

USN-3385-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code...

USN-3386-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3386-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code...

USN-3384-2: Linux kernel (HWE) vulnerabilities

USN-3384-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code in the...

USN-3384-2 linux-hwe vulnerabilities

USN-3384-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code in the...

USN-3386-1: Linux kernel vulnerabilities

Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. CVE-2017-1000112 Andrey Konovalov discovered a race condition in AFPACKET socket option handling code...

USN-3386-1 linux vulnerabilities

Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code in the Linux kernel. A local attacker could use this to cause a denial of service or execute arbitrary code. CVE-2017-1000112 Andrey Konovalov discovered a race condition in AFPACKET socket option handling code...