kernel: gro: reset dev and skb_iff on skb reuse

The napireuseskb function in net/core/dev.c in the Generic Receive Offload GRO implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service NULL pointer dereference via a malformed VLAN fra...

CVE-2011-3127

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 does not prevent rendering for 1 admin or 2 login pages inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...

CentOS Update for elinks CESA-2009:1471 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

DEBIAN-CVE-2011-2535

chaniax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x before 1.4.41.1, 1.6.2.x before 1.6.2.18.1, and 1.8.x before 1.8.4.3, and Asterisk Business Edition C.3 before C.3.7.3, accesses a memory address contained in an option control frame, which allows remote attackers to cause a deni...

CVE-2011-0196

AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service out-of-bounds read and reboot via Wi-Fi frames on the local wireless network...

Out-of-bounds

AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service out-of-bounds read and reboot via Wi-Fi frames on the local wireless network...

CVE-2011-0196

AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service out-of-bounds read and reboot via Wi-Fi frames on the local wireless network...

DEBIAN-CVE-2011-2161

The apereadheader function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service application crash via an APE aka Monkey's Audio file that contains a header but no frames...

kernel: gro: reset dev and skb_iff on skb reuse

The napireuseskb function in net/core/dev.c in the Generic Receive Offload GRO implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service NULL pointer dereference via a malformed VLAN fra...

kernel: gro: reset dev and skb_iff on skb reuse

The napireuseskb function in net/core/dev.c in the Generic Receive Offload GRO implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service NULL pointer dereference via a malformed VLAN fra...

PT-2012-1310 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.37 Description: The issue is related to the orinoco ioctl set auth function in the Linux kernel, which does not properly implement a TKIP protection mechanism. This makes it easier for remote attackers to...

CVE-2011-0172

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service divide-by-zero error and reboot via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162...

Design/Logic Flaw

AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service divide-by-zero error and reboot via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162...

Design/Logic Flaw

Google Chrome before 10.0.648.127 does not prevent 1 navigation and 2 close operations on the top location of a sandboxed frame, which has unspecified impact and remote attack vectors...

MediaWiki < 1.16.1 'Frames Processing Clickjacking' Information Disclosure Vulnerability

MediaWiki is prone to a clickjacking information disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

kernel: igb panics when receiving tag vlan packet

The igbreceiveskb function in drivers/net/igb/igbmain.c in the Intel Gigabit Ethernet aka igb subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization SR-IOV and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service...

libvpx: memory corruption flaw

WebM libvpx aka the VP8 Codec SDK before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via invalid frames...

kernel: e1000 issue reported at 26c3

drivers/net/e1000/e1000main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a craft...

DEBIAN-CVE-2010-4203

WebM libvpx aka the VP8 Codec SDK before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via invalid frames...

CVE-2010-4203

WebM libvpx aka the VP8 Codec SDK before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via invalid frames...