
76 matches found

RedHat Linux
added 2018/04/10 3:23 p.m. · 4 views

kernel: Missing namespace check in net/netlink/af_netlink.c allows for network monitors to observe systemwide activity

The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel, through 4.14.4, does not restrict observations of Netlink messages to a single net namespace, when CONFIG_NLMON is enabled. This allows local users to obtain sensitive information by leveraging the CAP_NET_ADMIN...

CVSS 4.7 · AI score 6.6 · EPSS 0.00436
Exploits 0 · References 4

OSV
added 2018/03/02 12:0 a.m. · 4 views

UBUNTU-CVE-2018-1065

The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to...

CVSS 4.7 · AI score 6.7 · EPSS 0.00438
Exploits 0 · References 10

Positive Technologies
added 2018/03/02 12:0 a.m. · 8 views

PT-2018-10028 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.15.7
Description: The netfilter subsystem in the Linux kernel mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service NULL...

CVSS 10 · AI score 7.3 · EPSS 0.93838
Exploits 90 · References 594

OSV
added 2017/09/21 12:0 a.m. · 3 views

UBUNTU-CVE-2017-12153

A security flaw was discovered in the nl80211_set_rekey_data function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and...

CVSS 4.4 · AI score 6.6 · EPSS 0.00474
Exploits 0 · References 10

BDU FSTEC
added 2017/07/14 12:0 a.m. · 10 views

The vulnerability of the sock_setsockopt function in the kernel of the Linux operating system’s net/core/sock.c file allows a hacker to cause a service failure or exert other effects.

The vulnerability of the sock_setsockopt function in the kernel’s net/core/sock.c file in the Linux operating system arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a local attacker to cause a service failure or other adverse...

CVSS 7.2 · AI score 7.2 · EPSS 0.00412
Exploits 0 · References 6 · Affected Software 1

OSV
added 2016/12/28 7:59 a.m. · 3 views

UBUNTU-CVE-2012-6704

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN...

CVSS 7.8 · AI score 7 · EPSS 0.00412
Exploits 0 · References 3

Positive Technologies
added 2016/12/08 12:0 a.m. · 8 views

PT-2016-7822 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.8.14
Description: The issue is related to the mishandling of negative values of sk_sndbuf and sk_rcvbuf by the sock_setsockopt function in the Linux kernel. This can be exploited by local users with the CAP_NE...

CVSS 10 · AI score 7.2 · EPSS 0.80855
Exploits 58 · References 748

OSV
added 2016/11/16 12:0 a.m. · 3 views

UBUNTU-CVE-2016-7917

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service infinite loop or out-of-bounds...

CVSS 5 · AI score 6.7 · EPSS 0.01507
Exploits 0 · References 7

RedHat Linux
added 2014/06/19 5:52 p.m. · 4 views

Kernel: SELinux: local denial-of-service

The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context...

CVSS 4.9 · AI score 6.3 · EPSS 0.006
Exploits 0 · References 4

RedHat Linux
added 2013/05/20 4:44 p.m. · 4 views

kernel: crypto: info leaks in report API

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMI...

CVSS 2.1 · AI score 7.1 · EPSS 0.00388
Exploits 1 · References 4

OSV
added 2013/03/15 8:55 p.m. · 3 views

DEBIAN-CVE-2013-2548

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the...

CVSS 2.1 · AI score 5.9 · EPSS 0.00385
Exploits 0 · References 1

OSV
added 2013/03/15 8:55 p.m. · 1 views

DEBIAN-CVE-2012-6538

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability...

CVSS 1.9 · AI score 7 · EPSS 0.00345
Exploits 0 · References 1

RedHat Linux
added 2011/06/21 11:44 p.m. · 5 views

kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace

net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

CVSS 2.1 · AI score 7.1 · EPSS 0.0041
Exploits 2 · References 4

RedHat Linux
added 2011/05/31 2:3 p.m. · 6 views

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

CVSS 2.1 · AI score 7.1 · EPSS 0.00404
Exploits 2 · References 4

RedHat Linux
added 2010/03/23 3:42 p.m. · 5 views

kernel: netfilter: ebtables: enforce CAP_NET_ADMIN

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traff...

CVSS 2.1 · AI score 5.9 · EPSS 0.00403
Exploits 0 · References 4

RedHat Linux
added 2006/10/05 7:16 p.m. · 4 views

security flaw

Race condition in the do_add_counters function in netfilter for Linux kernel 2.6.16 allows local users with CAP_NET_ADMIN capabilities to read kernel memory by triggering the race condition in a way that produces a size value that is inconsistent with allocated memory, which leads to a buffer over-re...

CVSS 4.7 · AI score 5.9 · EPSS 0.00296
Exploits 0 · References 4