Lucene search
K

213 matches found

OSV
OSV
added 2019/08/19 2:15 a.m.1 views

DEBIAN-CVE-2017-18549

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacsendrawsrb does not initialize the reply structure...

5.5CVSS6.5AI score0.00558EPSS
Exploits0References1
OSV
OSV
added 2019/08/19 2:15 a.m.3 views

UBUNTU-CVE-2017-18549

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacsendrawsrb does not initialize the reply structure...

5.5CVSS6.7AI score0.00558EPSS
Exploits0References5
OSV
OSV
added 2019/08/19 2:15 a.m.2 views

UBUNTU-CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...

5.5CVSS7AI score0.00542EPSS
Exploits0References5
CVE
CVE
added 2019/08/19 1:51 a.m.88 views

CVE-2017-18549

CVE-2017-18549 affects the Linux kernel component drivers/scsi/aacraid/commctrl.c in versions prior to 4.13. The root cause is that aac_send_raw_srb does not initialize the reply structure, which can lead to exposure of kernel stack memory. The connected Nessus entries (Unity Linux advisories) re...

5.5CVSS5.3AI score0.00558EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/08/19 1:51 a.m.22 views

CVE-2017-18549

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacsendrawsrb does not initialize the reply structure...

6.8AI score0.00558EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/08/19 1:51 a.m.31 views

CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...

6.3AI score0.00542EPSS
Exploits0References1
CVE
CVE
added 2019/08/19 1:51 a.m.89 views

CVE-2017-18550

CVE-2017-18550 affects Linux kernels up to 4.12: in drivers/scsi/aacraid/commctrl.c, aac_get_hba_info does not initialize hbainfo, exposing kernel stack memory. Severity is low (CVSS v3: 5.5) but local access required. The Unity Nessus advisories reproduce this issue and reference a kernel fix pr...

5.5CVSS5.9AI score0.00542EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2019/08/19 1:51 a.m.45 views

CVE-2017-18550

An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aacgethbainfo does not initialize the hbainfo structure...

5.5CVSS6.2AI score0.00542EPSS
Exploits0
Veracode
Veracode
added 2019/05/02 5:51 a.m.48 views

Denial Of Service (DoS)

Linux kernel is vulnerable to denial of serviceDoS attacks. A race condition flaw occurs in the ioctlsendfib function in the Linux kernel's aacraid implementation. This allows a local user to cause out-of-bound access and crash the system by changing a certain size value...

5.1CVSS5.6AI score0.00404EPSS
Exploits0References21Affected Software1
RedHat Linux
RedHat Linux
added 2017/03/21 9:6 a.m.4 views

kernel: scsi: aacraid: double fetch in ioctl_send_fib()

A race condition flaw was found in the ioctlsendfib function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service out-of-bounds access or system crash by changing a certain size value...

5.1CVSS6.6AI score0.00342EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/12/22 12:0 a.m.147 views

OracleVM 3.2 : Unbreakable / etc (OVMSA-2016-0181)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/iopl/64: properly context-switch IOPL on Xen PV Andy Lutomirski Orabug: 25269184 CVE-2016-3157 - net: Fix use after free in the recvmmsg exit path Arnaldo Carvalho de Melo Orabug: 25298618...

10CVSS6.5AI score0.24299EPSS
Exploits7References11
RedhatCVE
RedhatCVE
added 2016/12/15 8:20 p.m.55 views

CVE-2016-6480

A race condition flaw was found in the ioctlsendfib function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service out-of-bounds access or system crash by changing a certain size value...

5.1CVSS2.9AI score0.00342EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/11/28 12:0 a.m.69 views

OracleVM 3.2 : Unbreakable / etc (OVMSA-2016-0167)

The remote OracleVM system is missing necessary patches to address critical security updates : - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060055 CVE-2016-6480 CVE-2016-6480 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore Orabug: 25059962...

7.8CVSS6.5AI score0.01393EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2016/11/22 12:0 a.m.122 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3644)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3644 advisory. - acpi: Disable ACPI table override if securelevel is set Linn Crosetto Orabug: 25058966 CVE-2016-3699 - aacraid: Check size values after...

7.8CVSS6.6AI score0.01393EPSS
Exploits9References11
Tenable Nessus
Tenable Nessus
added 2016/11/22 12:0 a.m.82 views

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3646)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3646 advisory. - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060055 CVE-2016-6480 CVE-2016-6480 - audit: fix a double fetch in...

7.8CVSS6.6AI score0.01393EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2016/11/22 12:0 a.m.65 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0162)

The remote OracleVM system is missing necessary patches to address critical security updates : - acpi: Disable ACPI table override if securelevel is set Linn Crosetto Orabug: 25058966 CVE-2016-3699 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060060 CVE-2016-64...

7.8CVSS6.5AI score0.01393EPSS
Exploits9References11
Tenable Nessus
Tenable Nessus
added 2016/11/22 12:0 a.m.67 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3645)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3645 advisory. - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify...

7.8CVSS6.6AI score0.01213EPSS
Exploits6References10
Tenable Nessus
Tenable Nessus
added 2016/11/22 12:0 a.m.45 views

OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0163)

The remote OracleVM system is missing necessary patches to address critical security updates : - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 -...

7.8CVSS6.5AI score0.01213EPSS
Exploits6References10
Oracle linux
Oracle linux
added 2016/11/20 12:0 a.m.86 views

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.14.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore...

7.8CVSS0.9AI score0.01213EPSS
Exploits6
Oracle linux
Oracle linux
added 2016/11/20 12:0 a.m.69 views

Unbreakable Enterprise kernel security update

2.6.39-400.290.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060055 CVE-2016-6480 CVE-2016-6480 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore Orabug: 25059962 CVE-2016-6136 - ecryptfs: don't allow mmap when the lower fs doesn't support it...

7.8CVSS1.4AI score0.01393EPSS
Exploits7
Rows per page
Query Builder