Linux Distros Unpatched Vulnerability : CVE-2016-6828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tcpchecksendhead function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, whic...

Debian: Security Advisory (DLA-609-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K62442245: Kernel vulnerability CVE-2016-6828

Security Advisory Description The tcpchecksendhead function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service tcpxmitretransmitqueue use-after-free and system crash vi...

Mageia: Security Advisory (MGASA-2016-0347)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2912-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1494)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : Kernel vulnerability (K62442245)

The tcpchecksendhead function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service tcpxmitretransmitqueue use-after-free and system crash via a crafted SACK option...

Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel

Summary IBM QRadar Network Security has addressed vulnerabilities in Linux kernel. Vulnerability Details CVEID: CVE-2017-6074 DESCRIPTION: Linux kernel is vulnerable to a denial of service, caused by improper handling of DCCPPKTREQUEST packet data structures in the LISTEN state by the...

Oracle Linux 7 : kernel (ELSA-2017-1842-1) (Stack Clash)

The remote Oracle Linux host is missing a security update for the kernel packages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from Oracle Linux Security Advisory ELSA-2017-1842-1. if NASLLEVEL 3000 exit0; include'deprecatednasllevel.inc';...

Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0086)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Oracle Linux 6 : kernel (ELSA-2017-0817)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0817 advisory. - net dccp: fix freeing skb too early for IPV6RECVPKTINFO Hannes Frederic Sowa 1424628 CVE-2017-6074 - fs posixacl: Clear SGID bit when setting file...

RHEL 7 : kernel (RHSA-2017:0086)

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Oracle Linux 7 : kernel (ELSA-2017-0086)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0086 advisory. - net sctp: validate chunk len before actually using it Hangbin Liu 1399458 1399459 CVE-2016-9555 - net sctp: rename WORDTRUNC/ROUND macros Hangbin Liu...

OracleVM 3.2 : Unbreakable / etc (OVMSA-2017-0006)

The remote OracleVM system is missing necessary patches to address critical security updates : - nvme: Limit command retries Ashok Vairavan Orabug: 25342947 - tcp: fix use after free in tcpxmitretransmitqueue Eric Dumazet Orabug: 25374376 CVE-2016-6828 - ALSA: pcm : Call killfasync in stream lock...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3509)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3509 advisory. - net: avoid signed overflows for SOSND|RCVBUFFORCE Eric Dumazet Orabug: 25203623 CVE-2016-9793 - tcp: fix use after free in tcpxmitretransmitqueue...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2017-3510)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3510 advisory. - tcp: fix use after free in tcpxmitretransmitqueue Eric Dumazet Orabug: 25374376 CVE-2016-6828 - ALSA: pcm : Call killfasync in stream lock Takash...

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-61.1.25 - KEYS: Fix short sprintf buffer in /proc/keys show function David Howells Orabug: 25306361 CVE-2016-7042 - nvme: Limit command retries Keith Busch Orabug: 25374751 - fs/proc/taskmmu.c: fix mmaccess mode parameter in pagemapread Kenny Keslar Orabug: 25374977 - tcp: fix u...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.16.2 - net: avoid signed overflows for SOSND|RCVBUFFORCE Eric Dumazet Orabug: 25203623 CVE-2016-9793 3.8.13-118.16.1 - nvme: Limit command retries Ashok Vairavan Orabug: 25374794 - tcp: fix use after free in tcpxmitretransmitqueue Eric Dumazet Orabug: 25374371 CVE-2016-6828 ...

Oracle Linux 6 : kernel (ELSA-2017-0036)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0036 advisory. - net Fix use after free in the recvmmsg exit path Davide Caratti 1390805 1390046 CVE-2016-7117 - net tcp: fix use after free in tcpxmitretransmitqueue...

kernel security and bug fix update

2.6.32-642.13.1 - net Fix use after free in the recvmmsg exit path Davide Caratti 1390805 1390046 CVE-2016-7117 - net vlan: Propagate MAC address to VLANs Jarod Wilson 1396479 1381585 - net tcp: fix use after free in tcpxmitretransmitqueue Mateusz Guzik 1379527 1379529 CVE-2016-6828 - net...