10000 matches found

RedHat Linux
added 2019/11/05 8:44 p.m. | 0 views

kernel: nfs: use-after-free in svc_process_common()

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and ...

CVSS 8 | AI score 7 | EPSS 0.00048
Exploits 0 | References 4
RedhatCVE
added 2019/11/02 4:6 a.m. | 32 views

CVE-2019-15098

A flaw was found in the Linux kernel's implementation of the ath6kl wireless network driver implementation, which could allow an attacker with physical access with custom USB hardware to plug into a rogue USB device that can create a condition where the kernel will panic. Mitigation No mitigation...

CVSS 4.9 | AI score 2 | EPSS 0.0016
Exploits 0 | References 4
OSV
added 2019/10/29 7:15 p.m. | 22 views

CVE-2019-0210

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

CVSS 7.5 | AI score 6.5
Exploits 0 | References 11
NVD
added 2019/10/29 7:15 p.m. | 15 views

CVE-2019-0210

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

CVSS 7.5 | AI score 8.2 | EPSS 0.01194
Exploits 0 | References 11
OSV
added 2019/10/29 7:15 p.m. | 1 views

DEBIAN-CVE-2019-0210

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

CVSS 7.5 | AI score 6.9 | EPSS 0.01194
Exploits 0 | References 1
UbuntuCve
added 2019/10/29 7:15 p.m. | 24 views

CVE-2019-0210

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

CVSS 7.5 | AI score 6.9 | EPSS 0.01194
Exploits 0 | References 2
Prion
added 2019/10/29 7:15 p.m. | 23 views

Input validation

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

CVSS 5 | AI score 8 | EPSS 0.01194
Exploits 0 | References 11 | Affected Software 3
GitLab Advisory Database
added 2019/10/29 12:0 a.m. | 28 views

Out-of-bounds Read

In Apache Thrift, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

CVSS 7.5 | AI score 2.3 | EPSS 0.01194
Exploits 0 | References 1 | Affected Software 1
Debian CVE
added 2019/10/28 10:22 p.m. | 21 views

CVE-2019-0210

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

CVSS 7.5 | AI score 7 | EPSS 0.01194
Exploits 0
CVE
added 2019/10/28 10:22 p.m. | 165 views

CVE-2019-0210

Apache Thrift in versions 0.9.3–0.12.0 has an out-of-bounds read in a Go server using TJSONProtocol/TSimpleJSONProtocol that may panic on invalid input data (CVE-2019-0210). Mitigation via upgrade to newer Thrift versions; Gentoo GLSA 202107-32 recommends >= thrift-0.14.1. Other advisories cor...

CVSS 7.5 | AI score 7.3 | EPSS 0.01194
Exploits 0 | References 11 | Affected Software 1
Cvelist
added 2019/10/28 10:22 p.m. | 21 views

CVE-2019-0210

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when fed with invalid input data...

AI score 7.4 | EPSS 0.01194
Exploits 0 | References 11
Debian
added 2019/10/25 9:9 p.m. | 187 views

[SECURITY] [DSA 4551-1] golang-1.11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4551-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2019 https://www.debian.org/security/faq -...

CVSS 7.5 | AI score 7.7 | EPSS 0.0234
Exploits 1
Tenable Nessus
added 2019/10/25 12:0 a.m. | 28 views

FreeBSD : FreeBSD -- IPv6 remote Denial-of-Service (4d3d4f64-f680-11e9-a87f-a4badb2f4699)

Due to a missing check in the code of m_pulldown(9) data returned may not be contiguous as requested by the caller. Impact : Extra checks in the IPv6 code catch the error condition and trigger a kernel panic leading to a remote DoS (denial-of-service) attack with certain Ethernet interfaces. At this...

CVSS 7.8 | AI score 7.4 | EPSS 0.01851
Exploits 1 | References 2
Cvelist
added 2019/10/24 9:7 p.m. | 19 views

CVE-2019-17596

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates...

AI score 7.5 | EPSS 0.0234
Exploits 1 | References 13
Debian CVE
added 2019/10/24 9:7 p.m. | 30 views

CVE-2019-17596

Removed by vendor...

CVSS 7.5 | AI score 7.8 | EPSS 0.0234
Exploits 1
ArchLinux
added 2019/10/21 12:0 a.m. | 33 views

[ASA-201910-11] go-pie: denial of service

Arch Linux Security Advisory ASA-201910-11 ========================================== Severity: Medium Date : 2019-10-21 CVE-ID : CVE-2019-17596 Package : go-pie Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1051 Summary ======= The package go-pie before version...

CVSS 7.5 | AI score 1.5 | EPSS 0.0234
Exploits 1 | References 6
ArchLinux
added 2019/10/21 12:0 a.m. | 36 views

[ASA-201910-12] go: denial of service

Arch Linux Security Advisory ASA-201910-12 ========================================== Severity: Medium Date : 2019-10-21 CVE-ID : CVE-2019-17596 Package : go Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1051 Summary ======= The package go before version 2:1.13.3...

CVSS 7.5 | AI score 1.5 | EPSS 0.0234
Exploits 1 | References 4
RedhatCVE
added 2019/10/20 12:4 p.m. | 15 views

CVE-2018-1065

A flaw was found in the netfilter/iptables subsystem. A user with the netfilter modification capabilities could insert a rule which could panic the system...

CVSS 5.9 | AI score 1.7 | EPSS 0.00084
Exploits 0 | References 1
Tenable Nessus
added 2019/09/25 12:0 a.m. | 48 views

F5 Networks BIG-IP : Linux SACK Panic vulnerability (K78234183)

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182,...

CVSS 7.8 | AI score 7.2 | EPSS 0.74296
Exploits 4 | References 2
FreeBSD
added 2019/09/19 12:0 a.m. | 23 views

FreeBSD -- Improper checking in SCTP-AUTH shared key update

Problem Description: The SCTP layer does improper checking when an application tries to update a shared key. Therefore an unprivileged local user can trigger a use-after-free situation, for example by specific sequences of updating shared keys and closing the SCTP association. Impact: Triggering...

CVSS 7.8 | AI score 1.4 | EPSS 0.00053
Exploits 0