CVE-2015-8324

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service NULL pointer dereference and panic via a crafted USB device, related to the ext4fillsuper...

CVE-2015-8324

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service NULL pointer dereference and panic via a crafted USB device, related to the ext4fillsuper...

CVE-2015-4178

The fspin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service system crash by leveraging user-namespace root access for an MNTDETACH umount2 system call, related to...

CVE-2015-8324

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service NULL pointer dereference and panic via a crafted USB device, related to the ext4fillsuper...

CVE-2015-4178

Technical details about CVE-2015-4178 are not publicly provided in the connected documents. The materials reference the vulnerability generally; monitor for updates from official advisories.

CVE-2015-8324

The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service NULL pointer dereference and panic via a crafted USB device, related to the ext4fillsuper...

Linux kernel-table levels denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the fork implementation of Linux kernel versions prior to 4.5 on the s390 platform, which stems from the program failing to properl...

CVE-2016-3156

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service host OS networking outage by arranging for a large number of IP addresses...

CVE-2016-3156

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service host OS networking outage by arranging for a large number of IP addresses...

CVE-2016-2143

The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service system crash or possibly have unspecified other impact via a crafted application, related to...

CVE-2015-8844

The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for an MSR with both the S and T bits set, which allows local users to cause a denial of service TM Bad Thing exception and panic via a crafted application...

CVE-2016-3156

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service host OS networking outage by arranging for a large number of IP addresses...

CVE-2016-2143

The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page-table levels, which allows local users to cause a denial of service system crash or possibly have unspecified other impact via a crafted application, related to...

CVE-2016-3156

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service host OS networking outage by arranging for a large number of IP addresses...

Design/Logic Flaw

The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client-server data stream...

CVE-2016-2114

CVE-2016-2114 affects Samba’s SMB1 server signing default. The flaw: SMB signing is not enforced when Samba runs as a domain controller, allowing a man-in-the-middle to modify traffic and spoof the server. Affected upstream releases include Samba 4.x before 4.2.11 (and 4.3.x before 4.3.8, 4.4.x b...

Critical: Red Hat Security Advisory: java-1.8.0-openjdk security update

An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2016-1384

The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898...

Code injection

The NTP implementation in Cisco IOS 15.1 and 15.5 and IOS XE 3.2 through 3.17 allows remote attackers to modify the system time via crafted packets, aka Bug ID CSCux46898...

CVE-2016-1653

The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code that triggers an out-of-bounds write operation, related...