25 matches found
CLSA-2025-1744721593 c-ares: Fix of 4 CVEs
CVE-2024-25629: fix invalid memory read issue in aresreadline - CVE-2023-31130: fix buffer underflow in aresinetnetpton for certain ipv6 addresses - CVE-2023-31147: fix issue of using weak random numbers in DNS query ids by replacing rand with a modern OS-provided CSPRNG like arc4random -...
Denial Of Service (DoS)
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload UFO feature was enabled. A remot...
Denial Of Service (DoS)
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload UFO feature was enabled. A remot...
Sensitive Information Disclosure
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload UFO feature was enabled. A remot...
Sensitive Information Disclosure
The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload UFO feature was enabled. A remot...
Denial Of Service (DoS)
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way IP packets with an Internet Header Length ihl of zero were processed in the skbflowdissect function in the Linux kernel. A remote attacker could use this flaw to trigger an infinit...
NULL Pointer Dereference
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way IP packets with an Internet Header Length ihl of zero were processed in the skbflowdissect function in the Linux kernel. A remote attacker could use this flaw to trigger an infinit...
Alvosec: Alvocrypt uses a cryptographically insecure PRNG.
Dear Alvosec bug bounty team, Summary --- A PRNG is an algorithm used to produce random-looking numbers with certain desirable statistical properties. In order for a PRNG to be cryptographically secure it must be resistant to prediction. The generatepass function in Alvocrypt currently uses...
Ubuntu Update for linux-ti-omap4 USN-2110-1
Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN21101.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-ti-omap4 USN-2110-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2109-1)
Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw...
USN-2109-1: Linux kernel vulnerabilities
Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw...
Ubuntu: Security Advisory (USN-2065-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2065-1)
Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 A flaw was discovered in the Linux kernel's IP Virtual Server IPVS support. A local user with the CAPNETADMI...
USN-2065-1: Linux kernel (EC2) vulnerabilities
Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 A flaw was discovered in the Linux kernel's IP Virtual Server IPVS support. A local user with the CAPNETADMI...
USN-2064-1: Linux kernel vulnerabilities
Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 A flaw was discovered in the Linux kernel's IP Virtual Server IPVS support. A local user with the CAPNETADMI...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20131121)
This update fixes the following security issues : - A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload UFO feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their...
Unbreakable Enterprise Kernel security update
kernel-uek 2.6.32-400.33.3uek - afkey: fix info leaks in notify messages Mathias Krause Orabug: 17837974 CVE-2013-2234 - drivers/cdrom/cdrom.c: use kzalloc for failing hardware Jonathan Salwan Orabug: 17837971 CVE-2013-2164 - fs/compatioctl.c: VIDEOSETSPUPALETTE missing error check Kees Cook...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2013:1645 Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fifth regul...
Important: Red Hat Security Advisory: Red Hat Enterprise Linux 6 kernel update
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fifth regular update. The Red Hat Security Response Team has...
kernel: ansi_cprng: off by one error in non-block size request
Off-by-one error in the getprngbytes function in crypto/ansicprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the...