1255 matches found
QEMU: slirp: heap buffer overflow in tcp_emu()
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in tcpemu routine while emulating the Identification protocol and copying message data to a socket buffer. A user or process could use this flaw to crash the QEMU process on the host...
EulerOS 2.0 SP3 : kernel (EulerOS-SA-2019-2068)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an blkdrainqueue use-after-free because a certain error...
NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0165)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information...
QEMU: slirp: heap buffer overflow in tcp_emu()
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. It occurs in tcpemu routine while emulating the Identification protocol and copying message data to a socket buffer. A user or process could use this flaw to crash the QEMU process on the host...
BSA-2019-828
Security Advisory ID : BSA-2019-828 Component : TCP SACK Revision : 2.0 An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB da...
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
Kernel: tcp: integer overflow while processing SACK blocks allows remote denial of service
An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...
Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service
An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...
CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...
DEBIAN-CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...
Code injection
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...
CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...
CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...
UBUNTU-CVE-2019-3701
An issue was discovered in cancangwrcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the candlc field. The privileged user "root" with CAPNETADMIN can create a CAN frame modification rule that mak...
UBUNTU-CVE-2017-18218
In drivers/net/ethernet/hisilicon/hns/hnsenet.c in the Linux kernel before 4.13, local users can cause a denial of service use-after-free and BUG or possibly have unspecified other impact by leveraging differences in skb handling between hnsnicnetxmithw and hnsnicnetxmit...
kernel: Incorrect overwrite check in __ip6_append_data()
The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...