Security Bulletin: Multiple vulnerabilities in IPv6 and MQ affect IBM SAN Volume Controller, IBM Storwize and IBM FlashSystem products

Summary Vulnerabilities in the IPv6 and MQ components affect IBM SAN Volume Controller, IBM Storwize and IBM FlashSystem products. Applicable CVEs are CVE-2016-10142 and CVE-2017-11176. Vulnerability Details CVEID: CVE-2016-10142 DESCRIPTION: The IETF IPv6 protocol is vulnerable to a denial of...

K57211290: IPv6 fragmentation vulnerability CVE-2016-10142

Security Advisory Description An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big PTB messages. The scope of this CVE is all affected IPv6 implementations from all vendors. The security implications of IP fragmentation have been discussed at length in RFC627...

Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem models 840 and 900

Summary There are vulnerabilities in the IPv6 and MQ components which affect the IBM FlashSystem™ 840 and IBM FlashSystem 900. An exploit of these vulnerabilities CVE-2016-10142 and CVE-2017-11176 could make the system susceptible to attacks which could allow an attacker to trigger a kernel panic...

NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0152)

The remote NewStart CGSL host, running version MAIN 4.05, has kernel packages installed that are affected by multiple vulnerabilities: - It was found that AIO interface didn't use the proper rwverifyarea helper function with extended functionality, for example, mandatory locking on the file. Also...

Security Bulletin: IBM Security Directory Suite is affected by multiple vulnerabilities (CVE-2016-10142, CVE-2015-3331, CVE-2014-2523)

Summary IBM Security Directory Suite ISDS has addressed the following vulnerabilities due to buffer overflow, remote arbitrary code execution, and denial of service. Vulnerability Details CVEID: CVE-2016-10142 DESCRIPTION: The IETF IPv6 protocol is vulnerable to a denial of service. By leveraging...

Security Bulletin: Vulnerabilities in IPv6 and MQ affect the IBM FlashSystem model V840

Summary There are vulnerabilities in the IPv6 and MQ components which affect the IBM FlashSystem™ V840. An exploit of these vulnerabilities CVE-2016-10142 and CVE-2017-11176 could make the system susceptible to attacks which could allow an attacker to trigger a kernel panic or denial of service...

Pulse Connect Secure Multiple Vulnerabilities (SA43730)

According to its self-reported version, the version of Pulse Connect Secure running on the remote host is affected by multiple vulnerabilities. Refer to the vendor advisory for additional information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.18.2 - nfsd: stricter decoding of write-like NFSv2/v3 ops J. Bruce Fields Orabug: 25986990 CVE-2017-7895 3.8.13-118.18.1 - fnic: Update fnic driver version to 1.6.0.24 John Sobecki Orabug: 24448585 - xen-netfront: Rework the fix for Rx stall during OOM and network stress...

OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0058)

The remote OracleVM system is missing necessary patches to address critical security updates : - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 - net: ping: check minimum size on ICMP header length Kees Cook Orabug:...

Unbreakable Enterprise kernel security update

2.6.39-400.294.6 - RHEL: complement upstream workaround for CVE-2016-10142. Quentin Casasnovas Orabug: 25765786 CVE-2016-10142 CVE-2016-10142 2.6.39-400.294.5 - net: ping: check minimum size on ICMP header length Kees Cook Orabug: 25766914 CVE-2016-8399 - ipv6: stop sending PTB packets for MTU 12...

Oracle Linux 6 : kernel (ELSA-2017-0817)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0817 advisory. - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424628 CVE-2017-6074 - fs posixacl: Clear SGID bit when setting file...

Kernel security update: new kernel 2.6.32-042stab123.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0

This update provides a new kernel 2.6.32-042stab123.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0. The new kernel is based on the Red Hat Enterprise Linux 6.9 kernel 2.6.32-696.el6 and provides security fixes. Vulnerability id: CVE-2017-6214 A flaw was found in the Linux kernel'...

CentOS 6 : kernel (CESA-2017:0817)

An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2016-10142

It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow in scenarios in which actual fragmentation of packets is not needed and could subsequently perform any type of a fragmentation-based attack...

CVE-2016-10142

CVE-2016-10142 : The IPv6 fragmentation/atomic-fragment issue can cause a DoS (including kernel panic) by forging an ICMPv6 Packet Too Big message to trigger IPv6 atomic fragments, affecting IPv6 implementations across vendors. Connected docs confirm practical impact as DoS with possible kernel p...