Lucene search
K

84 matches found

Ubuntu
Ubuntu
added 2018/04/04 6:17 p.m.110 views

USN-3617-3: Linux kernel (Raspberry Pi 2) vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that a...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2018/04/04 12:0 a.m.104 views

Ubuntu 16.04 LTS : Linux (HWE) vulnerabilities (USN-3617-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3617-2 advisory. USN-3617-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement H...

7.8CVSS7.1AI score0.07679EPSS
Exploits10References23
Tenable Nessus
Tenable Nessus
added 2018/04/04 12:0 a.m.58 views

Ubuntu 17.10 : linux vulnerabilities (USN-3617-1)

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.8AI score0.07679EPSS
Exploits10References23
Ubuntu
Ubuntu
added 2018/04/03 7:40 p.m.106 views

USN-3617-2: Linux (HWE) vulnerabilities

USN-3617-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that a race condition leading to a use-after-free vulnerability existed in t...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Ubuntu
Ubuntu
added 2018/04/03 6:43 p.m.107 views

USN-3617-1: Linux kernel vulnerabilities

It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...

7.8CVSS6.9AI score0.07679EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2018/01/08 12:0 a.m.71 views

Debian DLA-1232-1 : linux security update (Meltdown)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754 Multiple researchers have discovered a vulnerability in Intel processors, enabling an attacker controlling an unprivileged process to rea...

7.8CVSS7.3AI score0.84172EPSS
Exploits3References8
Debian
Debian
added 2018/01/07 10:38 p.m.88 views

[SECURITY] [DLA 1232-1] linux security update

Package : linux Version : 3.2.96-3 CVE ID : CVE-2017-5754 CVE-2017-17558 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17807 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-5754...

7.8CVSS7.1AI score0.84172EPSS
Exploits3
ArchLinux
ArchLinux
added 2018/01/05 12:0 a.m.61 views

[ASA-201801-3] linux-zen: multiple issues

Arch Linux Security Advisory ASA-201801-3 ========================================= Severity: High Date : 2018-01-05 CVE-ID : CVE-2017-16995 CVE-2017-16996 CVE-2017-17449 CVE-2017-17558 CVE-2017-17712 CVE-2017-17805 CVE-2017-17806 CVE-2017-17852 CVE-2017-17853 CVE-2017-17854 CVE-2017-17855...

7.8CVSS3.2AI score0.84172EPSS
Exploits24References48
Tenable Nessus
Tenable Nessus
added 2018/01/04 12:0 a.m.105 views

SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0011-1) (Meltdown) (Spectre)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update adds mitigations for various side channel attacks against modern CPUs that could disclose content of otherwise unreadable memory bnc1068032. - CVE-2017-5753: Local attackers on systems with...

7.8CVSS7.8AI score0.93838EPSS
Exploits25References65
CNVD
CNVD
added 2017/12/22 12:0 a.m.8 views

Linux kernel denial of service vulnerability (CNVD-2017-37874)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A vulnerability exists in the Salsa20 encryption algorithm in versions of Linux kernel prior to 4.14.8, which arises from a program's failure to properly handle input ...

7.8CVSS6.2AI score0.00428EPSS
Exploits0References1
Prion
Prion
added 2017/12/20 11:29 p.m.26 views

Code injection

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.2CVSS7.3AI score0.00428EPSS
Exploits0References24Affected Software7
NVD
NVD
added 2017/12/20 11:29 p.m.22 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS7.5AI score0.00428EPSS
Exploits0References24
ATTACKERKB
ATTACKERKB
added 2017/12/20 11:29 p.m.3 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS6.3AI score0.00428EPSS
Exploits0References34
OSV
OSV
added 2017/12/20 11:29 p.m.6 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS7AI score
Exploits0References24
OSV
OSV
added 2017/12/20 11:29 p.m.2 views

DEBIAN-CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS7.4AI score0.00428EPSS
Exploits0References1
CVE
CVE
added 2017/12/20 11:0 p.m.296 views

CVE-2017-17805

CVE-2017-17805 affects the Linux kernel prior to 4.14.8. The Salsa20 cipher implementation (crypto/salsa20_generic.c and arch/x86/crypto/salsa20_glue.c) mishandles zero-length inputs, allowing a local attacker to use the AF_ALG-based skcipher interface to trigger uninitialized memory free and ker...

7.8CVSS7.5AI score0.00428EPSS
Exploits0References24Affected Software1
Cvelist
Cvelist
added 2017/12/20 11:0 p.m.23 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.6AI score0.00428EPSS
Exploits0References24
Debian CVE
Debian CVE
added 2017/12/20 11:0 p.m.54 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS6.6AI score0.00428EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/12/20 12:0 a.m.40 views

CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS6.8AI score0.00428EPSS
Exploits0References12
OSV
OSV
added 2017/12/20 12:0 a.m.4 views

UBUNTU-CVE-2017-17805

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AFALG-based skcipher interface CONFIGCRYPTOUSERAPISKCIPHER to cause a denial of service uninitialized-memory free and kernel crash or have...

7.8CVSS6.7AI score0.00428EPSS
Exploits0References13
Rows per page
Query Builder