kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c

The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...

kernel: net: double-free and memory corruption in get_net_ns_by_id()

A use-after-free vulnerability was found in a network namespaces code affecting the Linux kernel since v4.0-rc1 through v4.15-rc5. The function getnetnsbyid does not check for the net::count value after it has found a peer network in netnsids idr which could lead to double free and memory...

Linux kernel denial of service vulnerability (CNVD-2018-06460)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'munlockpagevec' function in the mm/mlock.c file in Linux kernel versions prior to 4.11.4. A local attacker can exploit this...

Linux kernel denial of service vulnerability (CNVD-2017-38518)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in Linux kernel versions 4.9.x through 4.9.71. The vulnerability arises...

CVE-2017-16689

A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL 64Unicode 7.21, 7.21EXT, 7.22, 7.22EXT; SAP KERNEL from 7.21 to 7.22, 7.45, 7.49, can be established to a different client or a different user on the same system, although no explicit Trusted/Trusting...

Linux kernel local denial of service vulnerability (CNVD-2017-33091)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the sound/core/seqdevice.c file in versions of Linux kernel prior to 4.13.4. A local attacker can exploit this vulnerability ...

Linux kernel local denial of service vulnerability (CNVD-2017-33100)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'imonprobe' function in the drivers/media/rc/imon.c file in Linux kernel 4.13.11 and earlier versions. A local attacker c...

PT-2017-12392 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.13.5 Description: The issue arises when nested virtualisation is used, and the Linux kernel does not properly traverse guest pagetable entries to resolve a guest virtual address. This allows L1 guest OS users t...

PT-2017-13023 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.12.10 Linux kernel versions prior to 4.9 for KASLR protection mechanism bypass Description: The issue is related to the acpi ps complete final op function in the Linux kernel, which does not properly flush nod...

PT-2017-3733 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 4.7-rc1 through 4.13 Description: A kernel data leak was found due to an out-of-bound read in the Linux kernel. This issue affects the inet diag msg sctp,laddr fill and sctp get sctp info functions, where a data leak...

Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jmp'ed over, this affects Linux Kernel versions 4.11.5 and earlier the stackguard page was introduced in 2010. CVE-2017-1000364 The offset2lib patch as use...

UBUNTU-CVE-2017-1000364

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over the stack guard page is bypassed, this affects Linux Kernel versions 4.11.5 and earlier the stackguard page was introduced in 2010...

kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf

It was reported that with Linux kernel, earlier than version v4.10-rc8, an application may trigger a BUGON in sctpwaitforsndbuf if the socket tx buffer is full, a thread is waiting on it to queue more data, and meanwhile another thread peels off the association being used by the first thread...

Linux kernel denial of service vulnerability (CNVD-2017-06929)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the 'ipxitfioctl' function of the net/ipx/afipx.c file in Linux kernel version 4.11.1 and earlier, which stems from the program...

CVE-2017-0633

An information disclosure vulnerability in the Broadcom Wi-Fi driver could enable a local malicious component to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

CVE-2017-0608

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

UBUNTU-CVE-2017-0627

An information disclosure vulnerability in the kernel UVC driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

PT-2017-4905 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.x through 4.x Description: The issue is a memory leak in the videobuf subsystem, specifically in the drivers/media/video/videobuf-core.c file. This allows local users to cause a denial of service by consuming memory...

UBUNTU-CVE-2017-0579

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

UBUNTU-CVE-2017-0573

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...