Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3385-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3385-1 advisory. Andrey Konovalov discovered a race condition in the UDP Fragmentation Offload UFO code in the Linux kernel. A local attacker could use this to cause a...

F5 Networks BIG-IP : TMM vulnerability (K82851041)

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disrupti...

GitLab: Stored XSS on Files overview by abusing git submodule URL

Vulnerability description There's a stored Cross-Site Scripting XSS vulnerability in the Files overview of a project due to the incorrect handling of a git submodule. This allows an attacker to execute JavaScript in a visitor's session. Proof of concept To reproduce the issue, the attacker needs ...

kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash

Linux kernel built with the 802.1Q/802.1ad VLANCONFIGVLAN8021Q OR Virtual eXtensible Local Area NetworkCONFIGVXLAN with Transparent Ethernet BridgingTEB GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could...

kernel: Remotely triggerable recursion in GRE code leading to kernel crash

A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...

kernel: Remotely triggerable recursion in GRE code leading to kernel crash

A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...

kernel: Remotely triggerable recursion in GRE code leading to kernel crash

A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...

kernel: Remotely triggerable recursion in GRE code leading to kernel crash

A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...

XenMobile 10 MDM SSL Offload Configuration

A Citrix XenMobile environment is typically configured with a NetScaler appliance that front ends and load balances the MDM traffic which it passes on to the XenMobile Servers in the backend. This NetScaler can be configured to handle this traffic in either SSL Bridge or SSL Offload mode. Though...

USN-3099-1 linux vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

USN-3098-1 linux vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

kernel: Remotely triggerable recursion in GRE code leading to kernel crash

A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...

DEBIAN-CVE-2014-9892

The sndcomprtstamp function in sound/core/compressoffload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted applicatio...

UBUNTU-CVE-2014-9892

The sndcomprtstamp function in sound/core/compressoffload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted applicatio...

UBUNTU-CVE-2012-6703

Integer overflow in the sndcomprallocatebuffer function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact via a crafted...

kernel: buffer overflow with fraglist larger than MAX_SKB_FRAGS + 2 in virtio-net

A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO Generic Receive Offload functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or...

Commands Generated by XenMobile Wizard on NetScaler - SSL Offload

This article will help you when you need to run the wizard more than once for multiple XenMobile environments. This article assumes that you have the following items already installed and configured on the NetScaler: 1. NetScaler IP address NSIP 2. Subnet IP address SNIP 3. DNS Settings 4...

kernel: buffer overflow with fraglist larger than MAX_SKB_FRAGS + 2 in virtio-net

A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO Generic Receive Offload functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or...

Amazon Linux: Security Advisory (ALAS-2013-252)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3349-1 : qemu-kvm - security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-5165 Donghai Zhu discovered that the QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation, allowing a malicious guest to read...