CVE-2015-5157

arch/x86/entry/entry64.S in the Linux kernel before 4.1.6 on the x8664 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI...

PT-2015-6788 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.1.6 Description: The issue is related to the mishandling of IRET faults in processing NMIs that occurred during userspace execution on the x86 64 platform. This might allow local users to gain privileges by...

Xen compat_iret() Denial of Service Vulnerability

Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. A security vulnerability exists in Xen that allows a local user on a 32-bit PV GUEST system to call the compatiret function to trigger a large number of page faults, causing the...

SUSE SLED12 Security Update : Xerces-C (SUSE-SU-2015:0597-1)

The Xerces-C XML parsing library was updated to fix mishandling certain kinds of malformed input documents, that could have resulted in a segmentation faults during a parse operation, leading to denial of service or potential code execution. bnc920810,CVE-2015-0252 Note that Tenable Network...

DLA-210-1 qt4-x11 - security update

Bulletin has no description...

[SECURITY] [DSA 3198-2] php5 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3198-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 28, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3198-2] php5 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3198-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 28, 2015 http://www.debian.org/security/faq -...

Debian DLA-142-1 : privoxy security update

Several vulnerabilities have been fixed in privoxy, a privacy enhancing HTTP proxy : CVE-2015-1031, CID66394 : unmap: Prevent use-after-free if the map only consists of one item. CVE-2015-1031, CID66376 and CID66391 : pcrsexecute: Consistently set result to NULL in case of errors. Should make...

SUSE-SU-2015:0597-1 Security update for Xerces-C

The Xerces-C XML parsing library was updated to fix mishandling certain kinds of malformed input documents, that could have resulted in a segmentation faults during a parse operation, leading to denial of service or potential code execution. bnc920810,CVE-2015-0252...

openSUSE Security Update : privoxy (openSUSE-2015-115)

privoxy was updated to version 3.0.23 to fix three security issues. These security issues were fixed : - Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort CVE-2015-1380. -...

Fedora 21 : privoxy-3.0.23-1.fc21 (2015-1225)

It was reported 1 that Privoxy 3.0.23 contains fixes for the following security issues : - Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Reported by Matthew Daley...

Fedora 20 : privoxy-3.0.23-1.fc20 (2015-1176)

It was reported 1 that Privoxy 3.0.23 contains fixes for the following security issues : - Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Reported by Matthew Daley...

privoxy: denial of service

CVE-2015-1380 denial of service Denial of service issue was found in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. - CVE-2015-1381 segmentation fault Multiple segmentation faults and...

[SECURITY] [DLA 142-1] privoxy security update

Package : privoxy Version : 3.0.16-1+deb6u1 CVE ID : CVE-2015-1031 CVE-2015-1381 CVE-2015-1382 Several vulnerabilities have been fixed in privoxy, a privacy enhancing HTTP proxy: CVE-2015-1031, CID66394: unmap: Prevent use-after-free if the map only consists of one item. CVE-2015-1031, CID66376 a...

DLA-142-1 privoxy - security update

Bulletin has no description...

MGASA-2015-0042 Updated privoxy packages fix security vulnerabilities

Updated privoxy packages fix security issues: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Fixed multiple segmentation faults and memory leaks in the pcrs code. This...

Updated privoxy packages fix security vulnerabilities

Updated privoxy packages fix security issues: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Fixed multiple segmentation faults and memory leaks in the pcrs code. This...

privoxy -- multiple vulnerabilities

Privoxy Developers reports: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Reported by Matthew Daley. CVE-2015-1380. Fixed multiple segmentation faults and memory leaks...

CVE-2014-9322

arch/x86/kernel/entry64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment SS segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space...

IRIX 6.5.x gr_osview Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1526/info Under certain versions of IRIX, the 'grosview' command contains a buffer overflow that local attackers can exploit to gain root privileges. The grosview command produces a graphical display of memory-management...