Linux Kernel 3.15.6 - PPP-over-L2TP Socket Level Handling Crash (PoC)

/ ---------------------------------------------------------------------------------------------------- cve-2014-4943poc.c The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp...

Ubuntu 14.04 LTS : Linux kernel vulnerability regression (USN-2516-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2516-2 advisory. USN-2516-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter CNTVCT on arm64 architectures. This upda...

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2517-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2517-1 advisory. A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs....

Ubuntu 10.04 LTS : linux vulnerabilities (USN-2511-1)

A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service memory corruption or panic or possibly have unspecified impact via the keyctl commands. CVE-2014-9529 A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge...

RHEL 5 : kernel (RHSA-2015:0164)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

CentOS 5 : kernel (CESA-2015:0164)

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Ubuntu: Security Advisory (USN-2491-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-8613

The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted RECONFIG chunk...

CVE-2014-8613

CVE-2014-8613 affects FreeBSD SCTP support; vulnerable versions include FreeBSD 8.4 (before p23), 9.3 (before p9), 10.0 (before p17), and 10.1 (before p5). The issue lies in insufficient input validation of received SCTP RE_CONFIG chunks, which can trigger a NULL pointer dereference leading to a ...

CVE-2014-8613

Removed by vendor...

CentOS Update for kernel CESA-2015:0102 centos7

Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882114";...

CentOS 7 : kernel (CESA-2015:0102)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20150128)

A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...

RHEL 7 : kernel (RHSA-2015:0102)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:0102 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's SCTP...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

FreeBSD-SA-15:03.sctp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:03.sctp Security Advisory The FreeBSD Project Topic: SCTP stream reset vulnerability Category: core Module: sctp Announced: 2015-01-27 Credits: Gerasimos...

FreeBSD -- SCTP stream reset vulnerability

Problem Description: The input validation of received SCTP RECONFIG chunks is insufficient, and can result in a NULL pointer deference later. Impact: A remote attacker who can send a malformed SCTP packet to a FreeBSD system that serves SCTP can cause a kernel panic, resulting in a Denial of...

Ubuntu: Security Advisory (USN-2462-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-9491

The vulnerability CVE-2014-9491 affects illumos specifically in the devzvol_readdir function, where the code path does not validate the return value of strchr. This can lead to a NULL pointer dereference and a denial of service (panic) via unspecified remote vectors. Documented impact is a partia...