K34250741: BIND vulnerability CVE-2015-8000

Security Advisory Description db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a malformed class attribute. CVE-2015-8000 Impact An attack may cause a denial-of-service DoS ...

K30673534: BIND vulnerability CVE-2015-8461

Security Advisory Description Beginning with the September 2015 maintenance releases 9.9.8 and 9.10.3, an error was introduced into BIND 9 which can cause a server to exit after encountering an INSIST assertion failure in resolver.c. CVE-2015-8461 Impact There is no impact; F5 products are not...

SUSE CVE-2005-3805

A locking problem in POSIX timer cleanup handling on exit in Linux kernel 2.6.10 to 2.6.14, when running on SMP systems, allows local users to cause a denial of service deadlock involving process CPU timers...

SUSE CVE-2006-0455

gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also...

SUSE CVE-2007-5500

The waittaskstopped function in the Linux kernel before 2.6.23.8 checks a TASKTRACED bit instead of an exitstate value, which allows local users to cause a denial of service machine crash via unspecified vectors. NOTE: some of these details are obtained from third party information...

SUSE CVE-2009-1337

The exitnotify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAPKILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exitsignal field and then uses an exec system...

SUSE CVE-2009-2426

The connectionedgeprocessrelaycellnotopen function in src/or/relay.c in Tor 0.2.x before 0.2.0.35 and 0.1.x before 0.1.2.8-beta allows exit relays to have an unspecified impact by causing controllers to accept DNS responses that redirect to an internal IP address via unknown vectors. NOTE: some o...

SUSE CVE-2010-4022

The dostandalone function in the MIT krb5 KDC database propagation daemon kpropd in Kerberos 1.7, 1.8, and 1.9, when running in standalone mode, does not properly handle when a worker child process "exits abnormally," which allows remote attackers to cause a denial of service listening process...

SUSE CVE-2010-4248

Race condition in the exitsignal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader...

SUSE CVE-2011-1780

The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service host crash by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread...

SUSE CVE-2011-2484

The adddellistener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service memory and CPU consumption, and bypass the OOM Killer, via a crafted application...

SUSE CVE-2012-0249

Buffer overflow in the ospflsupdlistlsa function in ospfpacket.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a Link State Update aka LS Update packet that is smaller than the length...

SUSE CVE-2012-2885

Double free vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to application exit...

SUSE CVE-2014-3645

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit handler for the INVEPT instruction, which allows guest OS users to cause a denial of service guest OS crash via a crafted application...

SUSE CVE-2015-7185

Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code...

SUSE CVE-2016-2776

buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted query...

SUSE CVE-2017-0375

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service assertion failure and daemon exit in the relaysendendcellfromedge function via a malformed BEGIN cell...

SUSE CVE-2017-0377

Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only considers the exit relay not the exit relay's family, which might allow remote attackers to defeat intended anonymity properties by leveraging the existence of large families...

SUSE CVE-2017-5579

Memory leak in the serialexitcore function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...

SUSE CVE-2018-1000200

The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory OOM killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exitmmap, which calls munlockvmapagesall for mlocked vmas.This can happen...