Kernel: net: IPv6: panic when UFO=On for an interface

net/ipv6/ip6output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload UFO processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service memory corruption and system crash or...

Ubuntu: Security Advisory (USN-2113-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 13.10 : linux vulnerabilities (USN-2117-1)

Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...

Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2113-1)

Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...

USN-2113-1: Linux kernel (Saucy HWE) vulnerabilities

Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...

Kernel: net: memory corruption with UDP_CORK and UFO

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2069-1)

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged local user could exploit this flaw to cause a denial of service system crash or possibly gain administrative privileges. CVE-2013-4470 Multiple integer overflow flaws were discovered in the...

USN-2073-1: Linux kernel vulnerabilities

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged local user could exploit this flaw to cause a denial of service system crash or possibly gain administrative privileges. CVE-2013-4470 Multiple integer overflow flaws were discovered in the...

USN-2066-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged...

Oracle Linux 6 : unbreakable enterprise kernel (ELSA-2013-2587)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2587 advisory. - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo sk...

Ubuntu Update for linux USN-2049-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN20491.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux USN-2049-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2013-2588)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2588 advisory. - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non uf...

Oracle Linux 6 : kernel (ELSA-2013-1801)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-1801 advisory. - x86 kvm: fix cross page vapicaddr access Paolo Bonzini 1032214 1032215 CVE-2013-6368 - x86 kvm: fix division by zero in apicgettmcct Paolo Bonzini...

Kernel: net: memory corruption with UDP_CORK and UFO

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

Amazon Linux AMI : kernel (ALAS-2013-252)

The Linux kernel before 3.12, when UDP Fragmentation Offload UFO is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service memory corruption and system crash or possibly gain privileges via a crafted application that uses the UDPCORK...

Ubuntu 13.10 : linux vulnerabilities (USN-2049-1)

Miroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. CVE-2013-4270 A flaw was discovered in the Linux kernel's dm snapshot facility. ...

USN-2050-1: Linux kernel (OMAP4) vulnerabilities

An information leak was discovered in the handling of ICMPv6 Router Advertisement RA messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service excessive retries and address-generation outage, and consequently obtain sensitive...

USN-2049-1: Linux kernel vulnerabilities

Miroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. CVE-2013-4270 A flaw was discovered in the Linux kernel's dm snapshot facility. ...

Ubuntu Update for linux USN-2043-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN20431.nasl 8466 2018-01-19 06:58:30Z teissa $ Ubuntu Update for linux USN-2043-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; y...

Ubuntu: Security Advisory (USN-2042-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...