4356 matches found
xen-tools -- qemu incautious about shared ring processing
The Xen Project reports: The compiler can emit optimizations in qemu which can lead to double fetch vulnerabilities. Specifically data on the rings shared between qemu and the hypervisor which the guest under control can obtain mappings of can be fetched twice during which time the guest can alte...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-118.14.2 - aacraid: Check size values after double-fetch from user Dave Carroll Orabug: 25060050 CVE-2016-6480 CVE-2016-6480 - IB/srpt: Simplify srpthandletskmgmt Bart Van Assche Orabug: 25060011 CVE-2016-6327 - audit: fix a double fetch in auditlogsingleexecvearg Paul Moore...
ALPINE-CVE-2016-8576
The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...
UBUNTU-CVE-2016-8576
The xhciringfetch function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging failure to limit the number of link Transfer Request Blocks TRB to process...
Mirai Botnet - Binary Fetch Detection
Binary data 9750.prm...
UBUNTU-CVE-2016-7964
The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...
Debian DSA-3659-1 : linux - security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts. - CVE-2016-5696 Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, and Srikanth V. Krishnamurthy of the University of California, Riverside; and Lisa M...
DEBIAN-CVE-2016-6516
Race condition in the ioctlfilededuperange function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service heap-based buffer overflow or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability...
CVE-2016-6516
Race condition in the ioctlfilededuperange function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service heap-based buffer overflow or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability...
CVE-2016-6480
Race condition in the ioctlsendfib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service out-of-bounds access or system crash by changing a certain size value, aka a "double fetch" vulnerability...
CVE-2016-6480
Race condition in the ioctlsendfib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service out-of-bounds access or system crash by changing a certain size value, aka a "double fetch" vulnerability...
CVE-2016-6156
Race condition in the ecdeviceioctlxcmd function in drivers/platform/chrome/crosecdev.c in the Linux kernel before 4.7 allows local users to cause a denial of service out-of-bounds array access by changing a certain size value, aka a "double fetch" vulnerability...
DEBIAN-CVE-2016-6156
Race condition in the ecdeviceioctlxcmd function in drivers/platform/chrome/crosecdev.c in the Linux kernel before 4.7 allows local users to cause a denial of service out-of-bounds array access by changing a certain size value, aka a "double fetch" vulnerability...
CVE-2016-6136
Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...
DEBIAN-CVE-2016-6136
Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...
Race condition
Race condition in the ecdeviceioctlxcmd function in drivers/platform/chrome/crosecdev.c in the Linux kernel before 4.7 allows local users to cause a denial of service out-of-bounds array access by changing a certain size value, aka a "double fetch" vulnerability...
Race condition
Race condition in the ioctlfilededuperange function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service heap-based buffer overflow or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability...
Race condition
Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerability...
Race condition
Race condition in the ioctlsendfib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service out-of-bounds access or system crash by changing a certain size value, aka a "double fetch" vulnerability...
UBUNTU-CVE-2016-6516
Race condition in the ioctlfilededuperange function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service heap-based buffer overflow or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability...