Arista Networks EOS tcp_input Challenge ACKs Shared Counter Disclosure (SA0023)

The version of Arista Networks EOS running on the remote device is affected by a flaw in the Linux kernel implementation within file net/ipv4/tcpinput.c due to a failure to properly determine the rate of challenge ACK segments. An unauthenticated, remote attacker can exploit this issue to access...

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerabilities (USN-3070-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3070-3 advisory. A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL...

Ubuntu: Security Advisory (USN-3071-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3070-1 linux vulnerabilities

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. CVE-2016-1237 Kangjie Lu discovered an information leak in the Reliable Datagram Sockets RDS implementation in the Linux kernel. A local attacke...

Oracle Linux 7 : kernel (ELSA-2016-1633)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-1633 advisory. - net tcp: enable per-socket rate limiting of all 'challenge acks' Florian Westphal 1355603 1355605 CVE-2016-5696 - net tcp: uninline tcpoowratelimited Florian...

linux-zen: information disclosure

A security issue has been found in the Linux kernel's implementation of challenge ACKs as specified in RFC 5961. An attacker which knows a connection's client IP, server IP and server port can abuse the challenge ACK mechanism to determine the accuracy of a normally 'blind' attack on the client o...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.10.2 - tcp: make challenge acks less predictable Eric Dumazet Orabug: 24010012 Orabug: 2401010 CVE-2016-5696 3.8.13-118.10.1 - ocfs2: call ocfs2journalaccessdi before ocfs2journaldirty in ocfs2writeendnolock yangwenfang Orabug: 19601200 - ocfs2: improve recovery performance...

linux: information disclosure

A security issue has been found in the Linux kernel's implementation of challenge ACKs as specified in RFC 5961. An attacker which knows a connection's client IP, server IP and server port can abuse the challenge ACK mechanism to determine the accuracy of a normally 'blind' attack on the client o...