7 matches found
GLSA-201701-14 : LZO: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201701-14 LZO: Multiple vulnerabilities LZO is vulnerable to an integer overflow condition in the lzo1xdecompresssafe function which could result in a possible buffer overrun when processing maliciously crafted compressed input...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20141014)
A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. CVE-2014-5077, Important An integer overflow flaw wa...
Oracle Linux 6 : kernel (ELSA-2014-1392)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1392 advisory. - kernel futex: Fix errors in nested key ref-counting Denys Vlasenko 1094458 CVE-2014-0205 Tenable has extracted the preceding description block direct...
kernel: lzo1x_decompress_safe() integer overflow
An integer overflow flaw was found in the way the lzo1xdecompresssafe function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system...
Medium: kernel
Issue Overview: arch/x86/kernel/entry32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service OOPS and system crash via an invalid syscall number, as demonstrated by numbe...
CVE-2014-4608
CVE-2014-4608 refers to multiple integer overflows in the LZO decompressor (lzo1x_decompress_safe) in the Linux kernel before 3.15.2, which can cause memory corruption and denial of service via a crafted Literal Run. Some advisories note the Linux kernel is not affected (media hype), while securi...
UBUNTU-CVE-2014-4608
Multiple integer overflows in the lzo1xdecompresssafe function in lib/lzo/lzo1xdecompresssafe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service memory corruption via a crafted Literal Run. NOTE: the author of the LZO...