kernel: ipv6: skb is unexpectedly freed

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.4 Extended Update Support. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores...

Local kernel 2.6.2x kernel panic via pthread

Exploit for linux platform in category local exploits ============================================ Local kernel 2.6.2x kernel panic via pthread ============================================ Exploit Title: Pthread Local Kernel 2.6.2x Kernel Panic Exploit Date: 20 April 2010 Author: mywisdom...

gfs-kmod security, bug fix and enhancement update

0.1.34-12 - Fixes a problem where improper locking commands can crash the system. - Resolves: rhbz571298 0.1.34-11 - Fixes 'Resource tempory unavailable' for EWOULDBLOCK message with flocks on gfs file - Resolves: rhbz515717 0.1.34-10 - Fixes 'Resource tempory unavailable' for EWOULDBLOCK message...

CVE-2010-1188

CVE-2010-1188 details (mode C): A use-after-free in net/ipv4/tcp_input.c of the Linux kernel 2.6 prior to 2.6.20. When IPV6_RECVPKTINFO is set on a listening TCP socket, a SYN packet to a LISTEN socket can trigger the skb being freed improperly, allowing a remote attacker to cause a denial of ser...

CVE-2010-1188

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

CVE-2010-1188

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

Moderate: Red Hat Security Advisory: GFS security and bug fix update

Updated GFS packages that fix one security issue are now available for Red Hat Enterprise Linux 3.9, kernel release 2.4.21-63.EL. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

Linux Kernel SCTP FWD-TSN Handling Buffer Overflow (CVE-2009-0065)

Linux is a popular open-source operating system in which the kernel and other programs related to the operating systems are developed by a group of volunteers. The Linux network protocol stack provides support for Stream Control Transmission Protocol SCTP in addition to more popular transport...

CVE-2010-0148

Cisco Security Agent 5.2 on Linux is affected by a DoS vulnerability (CVE-2010-0148) that can trigger a kernel panic by sending a series of TCP packets. The issue is part of multiple vulnerabilities disclosed in Cisco Security Agent Management Center advisories; the DoS affects Cisco Security Age...

Integer overflow

Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service kernel panic via a negative mixer index number being passed to 1 the azaliaquerydevinfo function in the azalia audio driver src/sys/dev/pci/azalia.c or 2 the...

CVE-2010-0561

Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service kernel panic via a negative mixer index number being passed to 1 the azaliaquerydevinfo function in the azalia audio driver src/sys/dev/pci/azalia.c or 2 the...

CVE-2010-0561

NetBSD kernels (versions 4.0, 5.0, and NetBSD-current before 2010-01-21) are affected by a local denial-of-service vulnerability caused by an integer signedness error in the audio subsystem. Specifically, passing a negative mixer index to azalia_query_devinfo (azalia.c) or hdaudio_afg_query_devin...

CVE-2010-0561

Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service kernel panic via a negative mixer index number being passed to 1 the azaliaquerydevinfo function in the azalia audio driver src/sys/dev/pci/azalia.c or 2 the...

Solaris/Open Solaris UCODE_GET_VERSION IOCTL Denial of Service

No description provided by source. / cve-2010-0453.c -- Patroklos Argyroudis, argp at domain census-labs.com Denial of service kernel panic PoC exploit for the UCODEGETVERSION ioctl NULL pointer dereference vulnerability on Solaris/OpenSolaris: http://www.trapkit.de/advisories/TKADV2010-001.txt...

kernel: ipv6_hop_jumbo remote system crash

The ipv6hopjumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.22 does not properly validate the hop-by-hop IPv6 extended header, which allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted IPv6 packet...

CentOS 5 : kernel (CESA-2008:1017)

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...

kernel: nfsv4: kernel panic in nfs4_proc_lock()

The nfs4proclock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service NULL pointer dereference and panic by sending a certain response containing incorrect file attributes, which trigger attempted use of an...

kernel: nfsv4: kernel panic in nfs4_proc_lock()

The nfs4proclock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service NULL pointer dereference and panic by sending a certain response containing incorrect file attributes, which trigger attempted use of an...

kernel security update

CentOS Errata and Security Advisory CESA-2009:1548 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages...