Lucene search
K

17 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:56 p.m.55 views

K31209433: Linux kernel vulnerabilities CVE-2017-6345, CVE-2017-6347, and CVE-2017-6348

Security Advisory Description CVE-2017-6345 The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service BUGON or possibly have unspecified other impact via crafted system...

7.8CVSS6.8AI score0.00438EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2017-0088)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.01029EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2018/08/17 12:0 a.m.35 views

Photon OS 1.0: Linux PHSA-2017-0008 (deprecated)

An update of xcerces-c,linux packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0008. The text itself is copyright C VMware, Inc...

10CVSS7.5AI score0.06781EPSS
Exploits0References5
Cloud Foundry
Cloud Foundry
added 2017/05/01 12:0 a.m.56 views

USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04...

9.8CVSS8.1AI score0.04953EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/04/25 12:0 a.m.40 views

Ubuntu: Security Advisory (USN-3265-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.04953EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/04/03 12:0 a.m.51 views

openSUSE Security Update : the Linux Kernel (openSUSE-2017-419)

The openSUSE Leap 42.1 kernel was updated to 4.1.39 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-5669: The doshmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed loca...

8.4CVSS6.9AI score0.06438EPSS
Exploits5References34
Tenable Nessus
Tenable Nessus
added 2017/04/03 12:0 a.m.80 views

openSUSE Security Update : the Linux Kernel (openSUSE-2017-418)

The openSUSE Leap 42.2 kernel was updated to 4.4.56 fix various security issues and bugs. The following security bugs were fixed : - CVE-2017-7184: The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel did not validate certain size data after an XFRMMSGNEWAE update, which...

7.8CVSS6.8AI score0.06438EPSS
Exploits5References64
OPENSUSE Linux
OPENSUSE Linux
added 2017/04/01 3:7 p.m.111 views

Security update for the Linux Kernel (important)

====================================================================== Still left to do: - Check CVE descriptions. They need to be written in the past tense. They are processed automatically, THERE CAN BE ERRORS IN THERE! - Remove version numbers from the CVE descriptions - Check the capitalizati...

7.2CVSS2.8AI score0.06438EPSS
Exploits5References18
Amazon
Amazon
added 2017/03/29 12:0 a.m.36 views

Important: kernel

Issue Overview: The skbs processed by ipcmsgrecv are not guaranteed to be linear e.g. when sending UDP packets over loopback with MSGMORE. Using csumpartial on potentially the whole skb len is dangerous; instead be on the safe side and use skbchecksum. This may lead to an infoleak as the kernel...

7.8CVSS7.1AI score0.01902EPSS
Exploits4
Mageia
Mageia
added 2017/03/25 8:15 p.m.69 views

Updated kernel packages fixes security vulnerabilities

This kernel update is based on upstream 4.4.55 and fixes at least the following security issues: Race condition in drivers/tty/nhdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service double free by setting the HDLC line discipline CVE-2017-263...

7.8CVSS4.5AI score0.01029EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2017/03/03 12:0 a.m.50 views

Fedora 24 : kernel (2017-ad67543fc5)

The 4.9.13 update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introduci...

7.8CVSS6.7AI score0.00438EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/03/03 12:0 a.m.42 views

Fedora 25 : kernel (2017-d875ae8299)

The 4.9.13 update contains a number of important fixes across the tree Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducin...

7.8CVSS6.7AI score0.00438EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/03/03 12:0 a.m.45 views

Fedora Update for kernel FEDORA-2017-d875ae8299

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00438EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/03/01 8:0 p.m.24 views

CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

7.7AI score0.00438EPSS
Exploits0References6
CVE
CVE
added 2017/03/01 8:0 p.m.145 views

CVE-2017-6347

The CVE-2017-6347 entry describes a vulnerability in the Linux kernel (net/ipv4/ip_sockglue.c: ip_cmsg_recv_checksum) when built before version 4.10.1. The flaw arises from incorrect assumptions about skb data layout, allowing a local attacker to trigger a denial of service via a buffer over-read...

7.8CVSS7.5AI score0.00438EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2017/03/01 4:20 p.m.31 views

CVE-2017-6347

The skbs processed by ipcmsgrecv are not guaranteed to be linear e.g. when sending UDP packets over loopback with MSGMORE. Using csumpartial on potentially the whole skb len is dangerous; instead be on the safe side and use skbchecksum. This may lead to an infoleak as the kernel memory may be...

7.8CVSS2.1AI score0.00438EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/03/01 12:0 a.m.41 views

CVE-2017-6347

The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service buffer over-read or possibly have unspecified other impact via crafted system calls, as demonstrated b...

7.8CVSS6.8AI score0.00438EPSS
Exploits0References4
Rows per page
Query Builder