kernel: Remotely triggerable recursion in GRE code leading to kernel crash

A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...

DEBIAN-CVE-2014-9892

The sndcomprtstamp function in sound/core/compressoffload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted applicatio...

UBUNTU-CVE-2014-9892

The sndcomprtstamp function in sound/core/compressoffload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted applicatio...

UBUNTU-CVE-2012-6703

Integer overflow in the sndcomprallocatebuffer function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service insufficient memory allocation or possibly have unspecified other impact via a crafted...

kernel: buffer overflow with fraglist larger than MAX_SKB_FRAGS + 2 in virtio-net

A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO Generic Receive Offload functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or...

Commands Generated by XenMobile Wizard on NetScaler - SSL Offload

This article will help you when you need to run the wizard more than once for multiple XenMobile environments. This article assumes that you have the following items already installed and configured on the NetScaler: 1. NetScaler IP address NSIP 2. Subnet IP address SNIP 3. DNS Settings 4...

kernel: buffer overflow with fraglist larger than MAX_SKB_FRAGS + 2 in virtio-net

A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO Generic Receive Offload functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or...

Amazon Linux: Security Advisory (ALAS-2013-252)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3349-1 : qemu-kvm - security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-5165 Donghai Zhu discovered that the QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation, allowing a malicious guest to read...

DEBIAN-CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...

CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...

UBUNTU-CVE-2015-5165

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

kernel security, bug fix, and enhancement update

2.6.32-504.30.3 - redhat spec: Update dracut dependency to pull in drbg module Frantisek Hrbata 1241517 1241338 2.6.32-504.30.2 - crypto rng: Remove krng Herbert Xu 1233512 1226418 - crypto drbg: Add stdrng alias and increase priority Herbert Xu 1233512 1226418 - crypto seqiv: Move IV seeding int...

Next Generation Snort IPS: Snort3

The Snort++ project has been hard at work for a while now and we have released the third alpha of the next generation Snort IPS Intrusion Prevention System. This file will show you what Snort++ has to offer and guide you through the steps from download to demo. If you are unfamiliar with Snort yo...

DSA-3060-1 linux - security update

Bulletin has no description...

Debian Security Advisory DSA 3060-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service: CVE-2014-3610 Lars Bull of Google and Nadav Amit reported a flaw in how KVM handles noncanonical writes to certain MSR registers. A privileged guest user can exploit this flaw to cause a denial ...

openSUSE Security Update : kernel (openSUSE-SU-2012:0206-1)

The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used...