65 matches found
CentOS Update for kernel CESA-2016:1033 centos7
Check the version of kernel. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882493");...
USN-2979-4: Linux kernel (Qualcomm Snapdragon) vulnerability
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...
USN-2979-3: Linux kernel (Raspberry Pi 2) vulnerability
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...
USN-2979-2 linux-lts-xenial vulnerabilities
USN-2979-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in t...
USN-2979-2: Linux kernel (Xenial HWE) vulnerabilities
USN-2979-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in t...
USN-2979-1: Linux kernel vulnerabilities
David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose...
USN-2978-3: Linux kernel (Raspberry Pi 2) vulnerability
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...
USN-2978-2: Linux kernel (Wily HWE) vulnerabilities
USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux...
USN-2978-1: Linux kernel vulnerabilities
David Matlack discovered that the Kernel-based Virtual Machine (KVM) implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers (MTRR) in KVM guests. A privileged user in a guest VM could use this to cause a denial of service (system crash) in the host, expose...
USN-2976-1: Linux kernel (Utopic HWE) vulnerability
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...
USN-2975-2: Linux kernel (Trusty HWE) vulnerability
USN-2975-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properl...
USN-2975-1: Linux kernel vulnerability
Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privilege...
kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()
A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system...
Fedora 20 : libtasn1-3.8-3.fc20 (2015-5182)
Backported fix for stack overflow in DER decoder. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:0264)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0264 advisory. This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Satellite 5.6. In a...
OpenJDK: DER decoder infinite loop (Security, 8059485)
A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...
AIX Java Advisory : java_feb2015_advisory.asc (POODLE)
The version of Java SDK installed on the remote host is affected by the following vulnerabilities: - A man-in-the-middle (MitM) information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block...
Oracle Java SE 5 < Update 76 / 6 < Update 86 / 7 < Update 73 / 8 < Update 26 Multiple Vulnerabilities
RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:0136)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0136 advisory. - ICU: font parsing OOB read (OpenJDK 2D, 8055489) (CVE-2014-6585) - ICU: font parsing OOB read (OpenJDK 2D, 8056276) (CVE-2014-6591) - OpenJDK:...
OpenJDK: DER decoder infinite loop (Security, 8059485)
A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded...