117 matches found
CVE-2006-7051
The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but are...
CVE-2015-3335
The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits for Native Client (aka NaCl) processes, which might make it easier for remote attackers to conduct...
Denial of service - CPU loop and memory allocation.
Description: All current released versions of Samba are vulnerable to a denial of service on an authenticated or guest connection. A malformed packet can cause the smbd server to loop the CPU performing memory allocations and preventing any further service. A connection to a file share, or a local...
kernel security and bug fix update
2.6.32-279.5.1.el6 - net 8021q/vlan: filter device events on bonds Neil Horman 842429 841983 2.6.32-279.4.1.el6 - fs proc: stats: Use arch_idle_time for idle and iowait times if available Steve Best 841579 841149 - drm i915: fix integer overflow in i915_gem_execbuffer2 Jacob Tanenbaum 824553 824555...
Buffer overflow
The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...
CVE-2010-2531
The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...
libpng stalls on highly compressed ancillary chunks
Overview: Libpng stalls and consumes large quantities of memory while processing certain Portable Network Graphics (PNG) files. Description: When processing PNG files containing highly compressed ancillary chunks, the png_decompress_chunk function in libpng can consume large amounts of CPU time and...
CVE-2006-3005
The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits...
security flaw
Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call...
CVE-2005-0179
Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call...
CVE-2004-0491
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit...
RHEL 2.1 : php (RHSA-2002:129)
PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. [Updated 22 Aug 2002] The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not...
Important: Red Hat Security Advisory: New PHP packages fix vulnerabilities
Updated PHP packages are available for Red Hat Linux on IBM iSeries and pSeries systems. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command...
(RHSA-2002:214) php security update
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...
Important: Red Hat Security Advisory: php security update
PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. [Updated 22 Aug 2002] The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not...
Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service / source: https://www.securityfocus.com/bid/1072/info A denial of service exists in Linux kernels, as related to Unix domain sockets ignoring limits as set in /proc/sys/net/core/wmem_max. By creating successive Unix domain...
Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service
/ source: https://www.securityfocus.com/bid/1072/info A denial of service exists in Linux kernels, as related to Unix domain sockets ignoring limits as set in /proc/sys/net/core/wmem_max. By creating successive Unix domain sockets, it is possible to cause a denial of service in some versions of th...