11 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000847)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000847 advisory. The driverrfc4106decrypt function in arch/x86/crypto/aesni-intelglue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for...
SUSE CVE-2015-3331
The driverrfc4106decrypt function in arch/x86/crypto/aesni-intelglue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service buffer overflow and system crash or possibly...
Oracle: Security Advisory (ELSA-2015-0674)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : kernel (RHSA-2015:1199)
Updated kernel packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Kernel: crypto: buffer overruns in RFC4106 implementation using AESNI
A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a...
Amazon Linux AMI : kernel (ALAS-2015-523)
A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a...
RHEL 7 : kernel-rt (RHSA-2015:0981)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0981 advisory. - Kernel: crypto: buffer overruns in RFC4106 implementation using AESNI CVE-2015-3331 Note that Nessus has not tested for this issue but has instead...
Updated kernel package fixes security vulnerabilities
This kernel update is based on upstream -longterm 3.14.39 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access to ...
Linux kernel AESNI buffer overflow vulnerability
Linux kernel is an open source operating system. A buffer overflow vulnerability exists in the 'driverrfc4106decrypt' function in the Linux kernel /arch/x86/crypto/aesni-intelglue.c file, which allows a local attacker to exploit the vulnerability by sending specially crafted IPSec packets to cras...
PT-2015-6154 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.19.3 Description: The issue is related to the driver rfc4106 decrypt function in the Linux kernel, which does not properly determine the memory locations used for encrypted data. This allows attackers to cause...
kernel security and bug fix update
2.6.32-504.12.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 2.6.32-504.12.1 - fs splice: perform generic write checks Eric Sandeen 1163798 1155900 CVE-2014-7822 2.6.32-504.11.1 - virt kvm: excessive pages un-pinning in...