CVE-2007-5938

The iwlsetrate function in compatible/iwl3945-base.c in iwlwifi 1.1.21 and earlier dereferences an iwlgethwmode return value without checking for NULL, which might allow remote attackers to cause a denial of service kernel panic via unspecified vectors during module initialization...

CVE-2007-5938

CVE-2007-5938 describes a NULL pointer dereference in the iwl driver (iwlwifi 1.1.21 and earlier) where iwl_set_rate dereferences the value returned by iwl_get_hw_mode without NULL checking. This can trigger a kernel panic during module initialization, constituting a denial of service. The connec...

GLSA-200711-09 : MadWifi: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200711-09 MadWifi: Denial of Service Clemens Kolbitsch and Sylvester Keil reported an error when processing beacon frames with an overly large 'length' value in the 'xrates' element. Impact : A remote attacker could act as an acce...

SEC Consult SA-20071012-0 :: Madwifi xrates element remote DOS

SEC Consult Security Advisory 20071012-0 =================================================================================== title: Madwifi xrates element remote DOS program: Madwifi linux wlan driver for atheros chipsets vulnerable version: Madwifi = 0.9.3.2 homepage: www.madwifi.org found: July...

CVE-2007-5087

The ATM module in the Linux kernel before 2.4.35.3, when CLIP support is enabled, allows local users to cause a denial of service kernel panic by reading /proc/net/atm/arp before the CLIP module has been loaded...

Linux Kernel Netfilter *_conntrack_proto_sctp.c sctp_new Function Unknown Chunk Type Remote DoS

There is a flaw in the SCTP code included in Linux kernel versions before 2.6.21.4 that results in a kernel panic when an SCTP packet with an unknown chunk type is received. An attacker can leverage this flaw to crash the remote host with a single, possibly forged, packet. C Tenable Network...

RHEL 5 : kernel (RHSA-2007:0099)

Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...

CVE-2007-2529

Integer signedness error in the acl facl system call in Solaris 10 before 20070507 allows local users to cause a denial of service kernel panic and possibly gain privileges via a certain argument, related to ACESETACL...

Integer overflow

Integer signedness error in the acl facl system call in Solaris 10 before 20070507 allows local users to cause a denial of service kernel panic and possibly gain privileges via a certain argument, related to ACESETACL...

CVE-2007-2529

CVE-2007-2529 affects Solaris 10 (before 20070507) with an integer signedness error in the acl (facl) system call. The underlying issue is a signedness bug in ACE_SETACL handling, enabling local users to trigger a denial of service (kernel panic) and potentially escalate privileges. Publicly docu...

CVE-2007-1861

The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...

CVE-2007-1861

The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...

CVE-2007-1861

CVE-2007-1861 affects the Linux kernel prior to 2.6.20.8. The nl_fib_lookup function in net/ipv4/fib_frontend.c can be triggered by NETLINK_FIB_LOOKUP replies, causing infinite recursion and a stack overflow that leads to a kernel panic (denial of service). Open sources in the connected data conf...

CVE-2007-1861

The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...

Mandrake Linux Security Advisory : madwifi-source (MDKSA-2007:082)

The athratesample function in the athrate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service failed KASSERT and system crash by moving a connected system to a location with low signal strength, and possibly other vectors related to a race...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2007-1653

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service kernel panic via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses...

Code injection

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service kernel panic via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses...