1255 matches found
USN-3290-1: Linux kernel vulnerability
Marco Grassi discovered that the TCP implementation in the Linux kernel mishandles socket buffer skb truncation. A local attacker could use this to cause a denial of service system crash...
USN-3290-1 linux vulnerability
Marco Grassi discovered that the TCP implementation in the Linux kernel mishandles socket buffer skb truncation. A local attacker could use this to cause a denial of service system crash...
CVE-2017-7477
A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment listskbshinfoskb-fraglist in the socket bufferskbbuff. The heap overflow occurred if 'MAXSKBFRAGS + 1' parameter and 'NETIFFFRAGLIST' feature are both used together. A remote user or...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
kernel: use after free in dccp protocol
A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...
CVE-2016-9793
The socksetsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sksndbuf and skrcvbuf, which allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact by leveraging the CAPNETADMIN...
Ubuntu: Security Advisory (USN-3161-4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Kernel - io_submit L2TP sendmsg Integer Overflow
/ Source: https://code.google.com/p/google-security-research/issues/detail?id=735 In certain kernel versions it is possible to use the AIO subsystem iosubmit syscall to pass size values larger than MAXRWCOUNT to the networking subsystem's sendmsg implementation. In the L2TP PPP sendmsg...
Linux io_submit L2TP sendmsg - Integer Overflow
Exploit for linux platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=735 In certain kernel versions it is possible to use the AIO subsystem iosubmit syscall to pass size values larger than MAXRWCOUNT to the networking subsystem's sendmsg...
Debian Linux 2.1,Linux kernel 2.2/2.3,RedHat Linux 6.0,S.u.S.E. Linux 6.1 IP Options Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/302/info A vulnerability in the Linux Kernel's IPv4 option processing may allow a remote user to crash the system. The vulnerability is the result of the kernel freeing a socket buffer when it shouldn't while sending an...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
PT-2019-5753 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.10.x through 4.18.x Description: The issue is related to the SCTP socket buffer used by a userspace application not being accounted for by the cgroups subsystem. This can be exploited to cause a denial of service attac...
DEBIAN-CVE-2013-2017
The veth aka virtual Ethernet driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service system crash by leveraging lack of skb consumption in conjunction with a double-free error...