Lucene search
+L

1049 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2017/12/18 12:20 p.m.131 views

Security update for the Linux Kernel (important)

The openSUSE Leap 42.3 kernel was updated to 4.4.103 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000405: A bug in the THP CoW support could be used by local attackers to corrupt memory of other processes and cause them to crash bnc1069496. -...

7.2CVSS2.1AI score0.04252EPSS
Exploits21References153
Tenable Nessus
Tenable Nessus
added 2017/12/11 12:0 a.m.73 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3657)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3657 advisory. - mm: Tighten x86 /dev/mem with zeroing reads Kees Cook Orabug: 26675925 CVE-2017-7889 - more biomapuseriov leak fixes Al Viro Orabug: 27069042...

8.8CVSS7.5AI score0.16181EPSS
Exploits32References3
NVD
NVD
added 2017/12/07 7:29 p.m.23 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS8AI score0.04252EPSS
Exploits0References13
OSV
OSV
added 2017/12/07 7:29 p.m.29 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS7.6AI score
Exploits0References13
OSV
OSV
added 2017/12/07 7:29 p.m.4 views

DEBIAN-CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS8AI score0.04252EPSS
Exploits0References1
Prion
Prion
added 2017/12/07 7:29 p.m.38 views

Design/Logic Flaw

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

5CVSS7.8AI score0.16181EPSS
Exploits12References13Affected Software9
Cvelist
Cvelist
added 2017/12/07 7:0 p.m.24 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.4AI score0.04252EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2017/12/07 7:0 p.m.42 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS7.9AI score0.04252EPSS
Exploits0
CVE
CVE
added 2017/12/07 7:0 p.m.348 views

CVE-2017-1000410

Summary of CVE-2017-1000410 (Linux kernel info leak) : The vulnerability affects Linux kernel 3.3-rc1 and later in how L2CAP ConfigRequest/ConfigResponse are parsed. A stack variable (struct l2cap_conf_efs efs) is declared uninitialized and, depending on parsing flow and input, can be leaked back...

7.5CVSS7.1AI score0.04252EPSS
Exploits0References13Affected Software1
Oracle linux
Oracle linux
added 2017/12/07 12:0 a.m.86 views

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...

8.8CVSS8.6AI score0.16181EPSS
Exploits32
UbuntuCve
UbuntuCve
added 2017/12/07 12:0 a.m.48 views

CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS6.7AI score0.04252EPSS
Exploits0References4
OSV
OSV
added 2017/12/07 12:0 a.m.6 views

UBUNTU-CVE-2017-1000410

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...

7.5CVSS6.7AI score0.04252EPSS
Exploits0References5
CNVD
CNVD
added 2017/12/06 12:0 a.m.7 views

Linux Kernel 'bnep_add_connection' function local elevation of privilege vulnerability

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'bnepaddconnection' function of the net/bluetooth/bnep/core.c file in versions of the Linux kernel prior to 3.19, which stems fr...

7.8CVSS6.5AI score0.00434EPSS
Exploits0References1
OSV
OSV
added 2017/12/05 12:0 a.m.3 views

UBUNTU-CVE-2017-15868

The bnepaddconnection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application...

7.8CVSS6.8AI score0.00434EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2017/11/16 12:0 a.m.247 views

EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1245)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service...

8CVSS7.2AI score0.16181EPSS
Exploits28References11
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.29 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2793-1) (BlueBorne)

This update for the Linux Kernel 3.12.74-606448 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denia...

8CVSS7.3AI score0.16181EPSS
Exploits12References7
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.256 views

Oracle Linux 7 : kernel (ELSA-2017-2930-1) (BlueBorne)

Description of changes: - 3.10.0-693.5.2.0.1.el7.OL7 - ipc ipc/sem.c: bugfix for semctl,,GETZCNT Manfred Spraul orabug 22552377 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel olkmodsigningkey.x509alexey.petrenko at oracle.com - Update...

8CVSS7.2AI score0.20797EPSS
Exploits46References11
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.49 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2796-1) (BlueBorne)

This update for the Linux Kernel 3.12.74-606457 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denia...

8CVSS7.3AI score0.16181EPSS
Exploits12References7
Tenable Nessus
Tenable Nessus
added 2017/10/20 12:0 a.m.23 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:2781-1) (BlueBorne)

This update for the Linux Kernel 3.12.61-5283 fixes one issue. The following security bugs were fixed : - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial ...

8CVSS7.3AI score0.16181EPSS
Exploits12References7
Tenable Nessus
Tenable Nessus
added 2017/10/20 12:0 a.m.34 views

Oracle Linux 7 : kernel (ELSA-2017-2930)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2930 advisory. - net tcp: initialize rcvmss to TCPMINMSS instead of 0 Davide Caratti 1488341 1487061 CVE-2017-14106 - net tcp: fix 0 divide in tcpselectwindow Davide...

8CVSS7.4AI score0.20797EPSS
Exploits46References10
Rows per page
Query Builder