CVE-2007-2529

CVE-2007-2529 affects Solaris 10 (before 20070507) with an integer signedness error in the acl (facl) system call. The underlying issue is a signedness bug in ACE_SETACL handling, enabling local users to trigger a denial of service (kernel panic) and potentially escalate privileges. Publicly docu...

CVE-2007-1861

The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...

CVE-2007-1861

The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...

CVE-2007-1861

CVE-2007-1861 affects the Linux kernel prior to 2.6.20.8. The nl_fib_lookup function in net/ipv4/fib_frontend.c can be triggered by NETLINK_FIB_LOOKUP replies, causing infinite recursion and a stack overflow that leads to a kernel panic (denial of service). Open sources in the connected data conf...

CVE-2007-1861

The nlfiblookup function in net/ipv4/fibfrontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service kernel panic via NETLINKFIBLOOKUP replies, which trigger infinite recursion and a stack overflow...

CVE-2007-2267

Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 before 20070424 allows remote authenticated users, operating from a different cluster node, to cause a denial of service data corruption or sendmondo panic via unspecified vectors, as demonstrated by EMC Symcli backup software...

Mandrake Linux Security Advisory : madwifi-source (MDKSA-2007:082)

The athratesample function in the athrate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service failed KASSERT and system crash by moving a connected system to a location with low signal strength, and possibly other vectors related to a race...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2007-1653

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service kernel panic via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses...

Code injection

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service kernel panic via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses...

CVE-2007-1653

Affected product: GlowWorm FW. Vulnerable component/function: DNS packet parsing in TrueDNS. Root cause: DNS responses triggering infinite recursion leading to a kernel panic. Impact: Denial of service via remote attackers over network. Observed with certain responses (e.g., login.yahoo.com); no ...

CVE-2007-1653

GlowWorm FW before 1.5.3b4 allows remote attackers to cause a denial of service kernel panic via certain DNS responses that trigger infinite recursion in TrueDNS packet parsing, as originally observed with certain login.yahoo.com responses...

Mac OS X kernel "fpathconf()" syscall fails to properly handle unknown file types

Overview A vulnerability in the Mac OS X kernel could allow an authenticated local attacker to cause a denial of service. Description The fpathconf system call provides a method for applications to determine the current value of a configurable system limit or option variable associated with a fil...

Important: kernel security update

2.6.9-42.0.10.0.1 -Fix bonding primary=ethX so it picks correct network Bert Barbe IT 101532 ORA 5136660 2.6.9-42.0.10 -fix key serial number collision problem David Howells 227495 CVE-2007-0006 -fix audit panic on watched files Eric Paris 223129 CVE-2007-0001 2.6.9-42.0.9 -fix icmp oops in sctp...

CVE-2007-0001

The file watch implementation in the audit subsystem auditctl -w in the Red Hat Enterprise Linux RHEL 4 kernel 2.6.9 allows local users to cause a denial of service kernel panic by replacing a watched file, which does not cause the watch on the old inode to be dropped...

security flaw

The file watch implementation in the audit subsystem auditctl -w in the Red Hat Enterprise Linux RHEL 4 kernel 2.6.9 allows local users to cause a denial of service kernel panic by replacing a watched file, which does not cause the watch on the old inode to be dropped...

Mandrake Linux Security Advisory : kernel (MDKSA-2006:197)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : Bugs in the netfilter for IPv6 code, as reported by Mark Dowd, were fixed CVE-2006-4572. The ATM subsystem of the Linux kernel could allow a remote attacker to cause a Denial of Service panic via unknown vectors that cau...

Mandrake Linux Security Advisory : kernel (MDKSA-2007:012)

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The blockprepatewrite function in the 2.6 kernel before 2.6.13 does not properly clear buffers during certain error conditions, which allows users to read portions of files that have been unlinked CVE-2006-4813. The...