166 matches found
DEBIAN-CVE-2017-5550
Off-by-one error in the pipeadvance function in lib/ioviter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision...
CVE-2017-5550
Off-by-one error in the pipeadvance function in lib/ioviter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision...
CVE-2017-5550
CVE-2017-5550 describes an off-by-one/error in the Linux kernel pipe_advance function (lib/iov_iter.c) that could allow local attackers to read from uninitialized kernel heap memory via a pipe, before the fixed 4.9.5 release. Connected advisories (EulerOS, Unity Linux) reference kernel versions b...
CVE-2017-5550
Off-by-one error in the pipeadvance function in lib/ioviter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision...
CVE-2017-5550
Off-by-one error in the pipeadvance function in lib/ioviter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision...
openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()
The dossl3write function in s3pkt.c in OpenSSL 1.x through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via vectors...