31 matches found
kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()
A syntax vulnerability was discovered in the kernel's ASN.1 DER decoder, which could lead to memory corruption or a complete local denial of service through x509 certificate DER files. A local system user could use a specially created key file to trigger BUG_ON() in the public_key_verify_signature...
USN-2977-1 linux-lts-vivid vulnerability
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...
DEBIAN-CVE-2016-4008
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate...
MGASA-2015-0322 Updated gnutls packages fix security vulnerabilities
It was reported that GnuTLS does not check whether the two signature algorithms match on certificate import (CVE-2015-0294). Kurt Roeckx discovered that decoding a specific certificate with very long DistinguishedName (DN) entries leads to double free. A remote attacker can take advantage of this fla...
SUSE-SU-2015:1518-1 Security update for gnutls
gnutls was updated to fix several security vulnerabilities. - fix double free in certificate DN decoding (GNUTLS-SA-2015-3, bsc#941794, CVE-2015-6251) - fix invalid read in octet string in bundled libtasn1 (bsc#929414, CVE-2015-3622) - fix ServerKeyExchange signature issue (GNUTLS-SA-2015-2, bsc#929690...
OvisLink AirLive IP Cameras WL-2000CAM and Airlive IP Cameras POE-200CAM Operating System Command Injection Vulnerability
OvisLink Airlive IP Cameras WL-2000CAM and Airlive IP Cameras POE-200CAM are both network camera products from OvisLink. An operating system command injection vulnerability exists in the /cgi-bin/mft/wirelessmft.cgi binary file in the OvisLink AirLive IP Cameras WL-2000CAM and Airlive IP Cameras...
[SECURITY] [DSA 3254-1] suricata security update
Debian Security Advisory DSA-3254-1 http://www.debian.org/security/ Salvatore Bonaccorso May 09, 2015 http://www.debian.org/security/faq ...
CentOS Update for nspr CESA-2013:1135 centos5
The remote host is missing an update for the... SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Firefox < 20 Multiple Vulnerabilities
The installed version of Firefox is earlier than 20 and is, therefore, potentially affected by the following vulnerabilities: - Various memory safety issues exist. (CVE-2013-0788, CVE-2013-0789) - An out-of-bounds memory read error exists related to 'CERT_DecodeCertPackage' and certificate decoding...
SeaMonkey < 2.17 Multiple Vulnerabilities
The installed version of SeaMonkey is earlier than 2.17 and thus is potentially affected by the following vulnerabilities: - Various memory safety issues exist. (CVE-2013-0788, CVE-2013-0789) - An out-of-bounds memory read error exists related to 'CERT_DecodeCertPackage' and certificate decoding...
DEBIAN-CVE-2013-0791
The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial ...