4827 matches found
Linux Kernel DCCP Socket Use-After-Free
/ This is an announcement for CVE-2017-8824 which is a use-after-free vulnerability I found in Linux DCCP socket. It can be used to gain kernel code execution from unprivileged processes. Youall find in attachment the proof of concept code and the kernel panic log. BUG DETAILS When a socket sock...
Linux Kernel 4.10.5 4.14.3 (Ubuntu) - DCCP Socket Use-After-Free
Linux Kernel 4.10.5 4.14.3 Ubuntu - DCCP Socket Use-After-Free / This is an announcement for CVE-2017-8824 which is a use-after-free vulnerability I found in Linux DCCP socket. It can be used to gain kernel code execution from unprivileged processes. You’ll find in attachment the proof of concept...
Linux Kernel 4.10.5 / < 4.14.3 (Ubuntu) - DCCP Socket Use-After-Free
/ This is an announcement for CVE-2017-8824 which is a use-after-free vulnerability I found in Linux DCCP socket. It can be used to gain kernel code execution from unprivileged processes. You’ll find in attachment the proof of concept code and the kernel panic log. BUG DETAILS When a socket sock...
RHEL 6 : kernel-rt (RHSA-2017:3295)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:3295 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1291)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the key management subsystem of the Linux kernel. An update on an uninstantiated key could cause a kernel panic,...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20171115)
Security Fixes : - A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket requires the CAPNETRAW capability could use this...
CentOS 6 : kernel (CESA-2017:3200)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2017:3200 An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
kernel: Divide-by-zero in __tcp_select_window
A divide-by-zero vulnerability was found in the tcpselectwindow function in the Linux kernel. This can result in a kernel panic causing a local denial of service...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
UBUNTU-CVE-2006-5331
The altivecunavailableexception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIGALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to...
CVE-2006-5331
The altivecunavailableexception function in arch/powerpc/kernel/traps.c in the Linux kernel before 2.6.19 on 64-bit systems mishandles the case where CONFIGALTIVEC is defined and the CPU actually supports Altivec, but the Altivec support was not detected by the kernel, which allows local users to...
kernel: Divide-by-zero in __tcp_select_window
A divide-by-zero vulnerability was found in the tcpselectwindow function in the Linux kernel. This can result in a kernel panic causing a local denial of service...
kernel: Divide-by-zero in __tcp_select_window
A divide-by-zero vulnerability was found in the tcpselectwindow function in the Linux kernel. This can result in a kernel panic causing a local denial of service...
kernel: Divide-by-zero in __tcp_select_window
A divide-by-zero vulnerability was found in the tcpselectwindow function in the Linux kernel. This can result in a kernel panic causing a local denial of service...
kernel: xfs: unprivileged user kernel oops
A flaw was found where the XFS filesystem code mishandles a user-settable inode flag in the Linux kernel prior to 4.14-rc1. This can cause a local denial of service via a kernel panic...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
CVE-2017-15299
A vulnerability was found in the key management subsystem of the Linux kernel. An update on an uninstantiated key could cause a kernel panic, leading to denial of service DoS...
CVE-2016-4921
By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for legitimate traffic. In extreme cases, the crafted IPv6 traffic may result in a total resource exhaustion...