Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel is the core of the operating system. These updated kernel...

Bound check ordering issue in random driver

Stack-based buffer overflow in the random number generator RNG implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing...

RHEL 5 : kernel (RHSA-2007:0940)

Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These ne...

kernel security update

CentOS Errata and Security Advisory CESA-2007:0940 Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles th...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These ne...

Bound check ordering issue in random driver

Stack-based buffer overflow in the random number generator RNG implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing...

Mandrake Linux Security Advisory : kernel (MDKSA-2007:171)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The Linux kernel did not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allowed local users to cause a denial of service process crash CVE-2006-5755. The...

USN-508-1: Linux kernel vulnerabilities

A buffer overflow was discovered in the Moxa serial driver. Local attackers could execute arbitrary code and gain root privileges. CVE-2005-0504 A flaw was discovered in the IPv6 stack's handling of type 0 route headers. By sending a specially crafted IPv6 packet, a remote attacker could cause a...

DSA-1363-1 linux-2.6

Bulletin has no description...

ISC BIND 8 - Remote Cache Poisoning (2)

ISC BIND 8 - Remote Cache Poisoning 2 source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating...

ISC BIND 8 - Remote Cache Poisoning (1)

ISC BIND 8 - Remote Cache Poisoning 1 source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating...

ISC BIND 8 - Remote Cache Poisoning (1)

source: https://www.securityfocus.com/bid/25459/info BIND 8 is prone to a remote cache-poisoning vulnerability because of weaknesses in its random-number generator. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or...

Design/Logic Flaw

The xfersecondarypool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof...

CVE-2007-4311

The xfersecondarypool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof...

CVE-2007-4311

The xfersecondarypool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof...

CVE-2007-4311

The CVE-2007-4311 issue affects the Linux kernel random driver (drivers/char/random.c) where reseed operations reuse only the first bytes of a buffer due to incorrect use of sizeof, reducing entropy and potentially making RNG output more predictable. It is described for Linux 2.4.x builds prior t...

Stack overflow

Stack-based buffer overflow in the random number generator RNG implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size, which triggers writing...

Design/Logic Flaw

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...

CVE-2007-2926

ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning...