61 matches found
K15482: Linux kernel vulnerability CVE-2014-4943
Security Advisory Description The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket. CVE-2014-4943 Impact None. No F5 products are affected by this...
SUSE CVE-2010-2495
The pppol2tpxmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel before 2.6.34 does not properly validate certain values associated with an interface, which allows attackers to cause a denial of service NULL pointer dereference and OOPS or possibly have unspecifi...
SUSE CVE-2014-4943
The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...
SUSE SLES15: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2021:3969-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3969-1 advisory. The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed:...
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0180)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current...
kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create()
A race condition between pppol2tpsessioncreate and l2tpethcreate in net/l2tp/l2tpnetlink.c was found in the Linux kernel. Calling l2tptunnelfind may result in a new tunnel being created with tunnel id of a previously removed tunnel which wouldn't be protected by the reference counter...
PT-2018-3974 · Google +2 · Android Kernel +2
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a possible use after free due to a race condition in the pppol2tp create function of l2tp ppp.c. This could lead to local escalation of privilege,...
PT-2017-3953 · Google +4 · Android Kernel +4
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a use after free in the pppol2tp connect function, which could lead to memory corruption. This might allow an attacker to escalate privileges locally with System execution privileges. No use...
Oracle: Security Advisory (ELSA-2014-0981)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
Exploit for linux platform in category dos / poc / ---------------------------------------------------------------------------------------------------- cve-2014-4943poc.c The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by...
Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)
Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC / ---------------------------------------------------------------------------------------------------- cve-2014-4943poc.c The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain...
[SECURITY] [DLA 103-1] linux-2.6 security update
Package : linux-2.6 Version : CVE-2014-90902.6.32-48squeeze9 CVE ID : CVE-2012-6657 CVE-2013-0228 CVE-2013-7266 CVE-2014-4157 CVE-2014-4508 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4943 CVE-2014-5077 CVE-2014-5471 CVE-2014-5472 This security upload has been prepared in cooperation of th...
RHEL 6 : kernel (RHSA-2014:0925)
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
Oracle Linux 6 : kernel (ELSA-2014-1167)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1167 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094457 1094458 CVE-2014-0205 - net vxlan: fix NULL pointer dereference Jiri Benc...
Oracle Linux 6 : kernel (ELSA-2014-0981)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0981 advisory. - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 - kernel utrace: force IRET path after...
kernel security, bug fix, and enhancement update
2.6.32-431.23.3 - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 2.6.32-431.23.2 - kernel utrace: force IRET path after utracefinishvfork Oleg Nesterov 1115932 1115933 CVE-2014-4699 2.6.32-431.23.1 - net iptunnel: fix iptunnelfind to return NULL in...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2014:0924 Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base...
Oracle Linux 7 : unbreakable enterprise kernel (ELSA-2014-3049)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3049 advisory. - l2tp: fix an unprivileged user to kernel privilege escalation Sasha Levin Orabug: 19229497 CVE-2014-4943 CVE-2014-4943 - ptrace,x86: force IRET path...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20140723)
It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially...
Oracle Linux 6 : kernel (ELSA-2014-0924)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0924 advisory. - netdrv pppol2tp: fail when socket option level is not SOLPPPOL2TP 1119461 1119462 CVE-2014-4943 Tenable has extracted the preceding description block...