kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

Denial Of Service (DoS)

SpamAssassin is vulnerable to Denial Of Service DoS. A local user could use this flaw to create or overwrite files writable by the spamd process...

CVE-2020-1621 Junos OS Evolved: Configd leaks hashes via stream and is world readable

A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1...

kernel: infiniband: uverbs: unprotected physical memory access

It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the uverbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate...

CentOS Update for kernel CESA-2007:1049 centos3 i386

Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2007:1049 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

pam_krb5 existing_ticket permission flaw

pamkrb5 2.2.14 in Red Hat Enterprise Linux RHEL 5 and earlier, when the existingticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...

blogtorrent remote/local user password disclosure

noglobal security http://noglobal.secnet.org/ | |/ / | / | || || | ||| || | | || |/||||||/ You think you know? but you have no idea.. || | / Security Advisory 2005-0x00 Software: BlogTorrent 0.92 = Vendor: http://www.blogtorrent.com/ Author: LazyCrs && pjphem Date: 10/07/2005 Type: Remote/Local...