17 matches found
K31209433: Linux kernel vulnerabilities CVE-2017-6345, CVE-2017-6347, and CVE-2017-6348
Security Advisory Description CVE-2017-6345 The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service BUGON or possibly have unspecified other impact via crafted system...
Mageia: Security Advisory (MGASA-2017-0088)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 1.0: Linux PHSA-2017-0008 (deprecated)
An update of xcerces-c,linux packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0008. The text itself is copyright C VMware, Inc...
USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04...
Ubuntu: Security Advisory (USN-3265-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-418)
The openSUSE Leap 42.2 kernel was updated to 4.4.56 fix various security issues and bugs. The following security bugs were fixed : - CVE-2017-7184: The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel did not validate certain size data after an XFRMMSGNEWAE update, which...
openSUSE Security Update : the Linux Kernel (openSUSE-2017-419)
The openSUSE Leap 42.1 kernel was updated to 4.1.39 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5669: The doshmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed loca...
Security update for the Linux Kernel (important)
====================================================================== Still left to do: - Check CVE descriptions. They need to be written in the past tense. They are processed automatically, THERE CAN BE ERRORS IN THERE! - Remove version numbers from the CVE descriptions - Check the capitalizati...
Important: kernel
Issue Overview: The skbs processed by ipcmsgrecv are not guaranteed to be linear e.g. when sending UDP packets over loopback with MSGMORE. Using csumpartial on potentially the whole skb len is dangerous; instead be on the safe side and use skbchecksum. This may lead to an infoleak as the kernel...
Updated kernel packages fixes security vulnerabilities
This kernel update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline CVE-2017-263...
Fedora Update for kernel FEDORA-2017-d875ae8299
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : kernel (2017-ad67543fc5)
The 4.9.13 update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introduci...
Fedora 25 : kernel (2017-d875ae8299)
The 4.9.13 update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducin...
CVE-2017-6347
The CVE-2017-6347 entry describes a vulnerability in the Linux kernel (net/ipv4/ip_sockglue.c: ip_cmsg_recv_checksum) when built before version 4.10.1. The flaw arises from incorrect assumptions about skb data layout, allowing a local attacker to trigger a denial of service via a buffer over-read...
CVE-2017-6347
The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...
CVE-2017-6347
The skbs processed by ipcmsgrecv are not guaranteed to be linear e.g. when sending UDP packets over loopback with MSGMORE. Using csumpartial on potentially the whole skb len is dangerous; instead be on the safe side and use skbchecksum. This may lead to an infoleak as the kernel memory may be...
CVE-2017-6347
The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...