11 matches found
CVE-2019-20096
In the Linux kernel before 5.1, there is a memory leak in featregistersp in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b...
kernel: a null pointer dereference in net/dccp/output.c:dccp_write_xmit() leads to a system crash
A null pointer dereference in dccpwritexmit function in net/dccp/output.c in the Linux kernel allows a local user to cause a denial of service by a number of certain crafted system calls...
kernel security and bug fix update
2.6.32-754.OL6 - Update genkey bug 25599697 2.6.32-754 - powerpc 64s: Add support for a store forwarding barrier at kernel entry/exit Mauricio Oliveira 1581053 CVE-2018-3639 - x86 amd: Disable AMD SSBD mitigation in a VM Waiman Long 1580360 - x86 specctrl: Fix late microcode problem with AMD Waim...
Linux kernel denial of service vulnerability (CNVD-2018-10796)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'dccpwritexmit' function in the net/dccp/output.c file in versions of Linux kernel prior to 4.16-rc7. A local attacker can explo...
CVE-2017-8824
CVE-2017-8824 affects the Linux kernel DCCP implementation. The bug is a use-after-free in dccp_disconnect (net/dccp/proto.c) that can be triggered by an AF_UNSPEC connect while in the DCCP_LISTEN state, allowing a local user to escalate privileges or cause a denial of service. Public advisories ...
Null pointer dereference
net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by leveraging the CAPNETADMIN capability for a certain 1 sender or 2 receiver getsockopt call...
Design/Logic Flaw
The ccid3hctxgetsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2012-6541
The ccid3hctxgetsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...
CVE-2013-1827
net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by leveraging the CAPNETADMIN capability for a certain 1 sender or 2 receiver getsockopt call...
Linux Kernel DCCP多个本地信息泄露漏洞
Linux是一款开放源代码的操作系统。 Linux针对DCCP支持存在多个问题,本地攻击者可以利用漏洞访问敏感信息。 问题存在于net/dccp/proto.c文件中的dodccpgetsockopt函数: ----------------------- static int dodccpgetsockoptstruct sock sk, int level, int optname, char user optval, int user optlen ... if getuserlen, optlen return -EFAULT; if len sizeofint return...
[Full-disclosure] Linux Kernel DCCP Memory Disclosure Vulnerability
Linux Kernel DCCP Memory Disclosure Vulnerability Synopsis: The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to steal data from the kernel memory. Vulnerable Systems: Linux Kernel Versions: = 2.6.20 with DCCP support enabled. Kernel versions 2.6.20 lack...