FreeBSD : FreeBSD -- Insufficient credential checks in network ioctl(2) (4d87d357-202c-11e3-be06-000c29ee3065)

Problem Description : As is commonly the case, the IPv6 and ATM network layer ioctl request handlers are written in such a way that an unrecognized request is passed on unmodified to the link layer, which will either handle it or return an error code. Network interface drivers, however, assume th...

Oracle Linux 5 : kernel (ELSA-2013-1292-1)

From Red Hat Security Advisory 2013:1292 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...

RHEL 5 : kernel (RHSA-2013:1292)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Kernel: net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled

The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service BUG and system crash via a crafted application that uses the UDPCORK option ...

FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:12.ifioctl Security Advisory The FreeBSD Project Topic: Insufficient credential checks in network ioctl2 Category: core Module: sysnetinet6 sysnetatm Announced...

FreeBSD-SA-13:12.ifioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:12.ifioctl Security Advisory The FreeBSD Project Topic: Insufficient credential checks in network ioctl2 Category: core Module: sysnetinet6 sysnetatm Announced...

CVE-2013-3495

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

CVE-2013-3495

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

Design/Logic Flaw

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...

Code injection

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

CVE-2013-3495

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

CVE-2013-3495

CVE-2013-3495 affects the Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x. The vulnerability allows a local guest to cause a denial of service (kernel panic) by sending a malformed Message Signaled Interrupt (MSI) from a bus-master PCI device, triggering a System Error Reporting ...

CVE-2013-2212

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...

CVE-2013-2212

The vulnerability CVE-2013-2212 affects Xen 3.3 through 4.3: the vmx_set_uc_mode function, when caches are disabled, can be abused by local HVM guests with access to memory‑mapped I/O regions to trigger a denial of service (CPU consumption and potential hypervisor or guest kernel panic) via a cra...

Cisco Intrusion Prevention System Jumbo Frame Denial of Service (cisco-sa-20080618-ips)

According to its self-reported version, the version of the Cisco Intrusion Prevention System Software running on the remote host may be vulnerable to a denial of service DoS attack caused by a kernel panic. This is due to the handling of jumbo Ethernet frames when gigabit network interfaces are...

Oracle Linux 5 : kernel (ELSA-2013-0594-1)

From Red Hat Security Advisory 2013:0594 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVS...

Oracle Linux 5 : kernel (ELSA-2008-0885)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-0885 advisory. - sound sndseqosssynthmakeinfo info leak Eugene Teo 458000 458001 CVE-2008-3272 - mm tmpfs: restore missing clearhighpage Eugene Teo 426082...

Oracle Linux 5 : kvm (ELSA-2010-0898)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0898 advisory. - Related: bz639886 CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic rhel-5.5.z - Resolves: bz639886 CVE-2010-3698 kvm: invalid selector in fs/g...

Oracle Linux 4 : kernel (ELSA-2010-0936)

From Red Hat Security Advisory 2010:0936 : Updated kernel packages that fix two security issues and multiple bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVS...