231 matches found
Important: Red Hat Security Advisory: keepalived security update
An update for keepalived is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
SUSE-SU-2016:2187-1 Security update for collectd
This update for collectd fixes the following issues: - heap overflow in the network plug-in (bsc#990853, CVE-2016-6254) - add rrdcached plugin to filelist - disable ipvs plugin for now: does not build...
openSUSE Security Update : the Linux Kernel (openSUSE-2016-869)
The openSUSE Leap 42.1 kernel was updated to 4.1.27 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables handling could lead to a local privilege escalation (bsc#986362). - CVE-2016-5829: Multiple heap-based...
The vulnerability of the Linux operating system allows a malicious individual to gain access to confidential information from the kernel’s stack memory.
A vulnerability exists in the do_ip_vs_get_ctl function in the Linux kernel’s net/netfilter/ipvs/ip_vs_ctl.c file, due to the lack of initialization for certain structures related to the IP_VS_SO_GET_TIMEOUT command. Exploiting this vulnerability allows local users to access confidential information from t...
Stack overflow
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt...
CVE-2013-4588
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt...
CVE-2013-4588
CVE-2013-4588: In the Linux kernel, before 2.6.33 with CONFIG_IP_VS enabled, multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c (via do_ip_vs_get_ctl and do_ip_vs_set_ctl) permit a local user with CAP_NET_ADMIN to gain privileges through getsockopt/setsockopt. Impact is local...
DEBIAN-CVE-2012-6540
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
Design/Logic Flaw
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-6540
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
UBUNTU-CVE-2012-6540
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...