169 matches found
OracleVM 2.1 : udev (OVMSA-2009-0006)
The remote OracleVM system is missing necessary patches to address critical security updates : CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. - fix fo...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20141014)
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. CVE-2014-5077, Important An integer overflow flaw wa...
CentOS 7 : kernel (CESA-2014:1023)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2014:1023 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scorin...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit
No description provided by source. / cve-2009-1185.c udev 141 Local Privilege Escalation Exploit Jon Oberheide [email protected] http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185 udev before 1.4.1 does not verify whether a NETLINK message originates...
Linux kernel __sock_diag_rcv_msg Netlink message privilege elevation
Added: 05/13/2014 CVE: CVE-2013-1763 BID: 58137 OSVDB: 90604 Background Netlink is a feature of the Linux kernel which allows communication between kernel and user space. Problem An array index error in the sockdiagrcvmsg function in the Linux kernel allows local users to gain root privileges by...
Linux kernel __sock_diag_rcv_msg Netlink message privilege elevation
Added: 05/13/2014 CVE: CVE-2013-1763 BID: 58137 OSVDB: 90604 Background Netlink is a feature of the Linux kernel which allows communication between kernel and user space. Problem An array index error in the sockdiagrcvmsg function in the Linux kernel allows local users to gain root privileges by...
Linux kernel __sock_diag_rcv_msg Netlink message privilege elevation
Added: 05/13/2014 CVE: CVE-2013-1763 BID: 58137 OSVDB: 90604 Background Netlink is a feature of the Linux kernel which allows communication between kernel and user space. Problem An array index error in the sockdiagrcvmsg function in the Linux kernel allows local users to gain root privileges by...
Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2011-2024)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-2024 advisory. - inetdiag: fix inetdiagbcaudit Eric Dumazet CVE-2011-2213 - net gre: fix netns vs proto registration ordering CVE-2011-1767 - net tunnels: fix netns v...
CVE-2012-6536
net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability and providing a 1 new or 2...
kernel: sock_diag: out-of-bounds access to sock_diag_handlers[]
Array index error in the sockdiagrcvmsg function in net/core/sockdiag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message...
CVE-2012-6536
net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability and providing a 1 new or 2...
UBUNTU-CVE-2012-6536
net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability and providing a 1 new or 2...
CVE-2013-1763
Array index error in the sockdiagrcvmsg function in net/core/sockdiag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message...
Code injection
Array index error in the sockdiagrcvmsg function in net/core/sockdiag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message...
CVE-2013-1763
CVE-2013-1763 affects the Linux kernel pre-3.7.10, where an array index error in net/core/sock_diag.c (__sock_diag_rcv_msg) could allow a local attacker to gain privileges via a large family value in a Netlink message. The impact is a local privilege escalation with full confidentiality/integrity...
CVE-2013-1763
Array index error in the sockdiagrcvmsg function in net/core/sockdiag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message...
CVE-2013-1763
Array index error in the sockdiagrcvmsg function in net/core/sockdiag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message...
EUVD-2013-1789
Array index error in the sockdiagrcvmsg function in net/core/sockdiag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message...