41 matches found
kernel: Kernel: Denial of Service via recursive deadlock in L2TP tunnel registration
A flaw was found in the kernel. A local user can exploit this vulnerability by passing a pppol2tp socket file descriptor as a UDP socket file descriptor during L2TP tunnel registration. This can cause a recursive deadlock, leading to a denial of service DoS on the system...
SUSE CVE-2014-2678
The rdsiwladdrcheck function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports...
SUSE-SU-2020:0528-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Java 8.0 was updated to Service Refresh 6 Fix Pack 5 bsc1162972, bsc1160968 - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2019-4732: Untrusted DLL search path vulnerability - CVE-2020-2593: Normalize normalization for all -...
SUSE-SU-2020:0628-1 Security update for java-1_7_0-openjdk
This update for java-170-openjdk fixes the following issues: Update java-170-openjdk to version jdk7u251 January 2020 CPU, bsc1160968: - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for all -...
SUSE-SU-2020:0466-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Java 8.0 was updated to Service Refresh 6 Fix Pack 5 bsc1162972, bsc1160968 - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2019-4732: Untrusted DLL search path vulnerability - CVE-2020-2593: Normalize normalization for all -...
OPENSUSE-SU-2020:0147-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update java-180-openjdk to version jdk8u242 icedtea 3.15.0 January 2020 CPU, bsc1160968: - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for a...
SUSE-SU-2020:0231-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update java-180-openjdk to version jdk8u242 icedtea 3.15.0 January 2020 CPU, bsc1160968: - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for a...
USN-3632-1: Linux kernel (Azure) vulnerabilities
It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-0861 It was discovered that the KVM...
Ubuntu 16.04 LTS : Linux kernel (Azure) vulnerabilities (USN-3632-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3632-1 advisory. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker...
Ubuntu: Security Advisory (USN-3620-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3620-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3620-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3620-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3620-1 advisory. It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A...
USN-3620-1: Linux kernel vulnerabilities
It was discovered that the netlink 802.11 configuration interface in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker with the CAPNETADMIN privilege could use this to cause a denial of service system crash or possibly execute arbitrary code...
OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...
OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...
OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...
OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...
OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...
OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...
OpenJDK: DatagramSocket connected socket missing source check (Libraries, 8039509)
It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source...