kernel: nfnetlink race in NETLINK_NFLOG socket creation

A race-condition flaw was discovered in the kernel's netlink module creation, which can trigger a kernel panic in netlinkrelease-moduleput for local users creating netlink sockets. The flaw is specific to Red Hat Enterprise Linux and does not affect upstream kernels. The nfnetlinklog module must ...

kernel: Creating multiple sockets when SCTP module isn't loaded leads to kernel panic

A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded...

kernel: Creating multiple sockets when SCTP module isn't loaded leads to kernel panic

A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded...

CVE-2015-8104

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...

DEBIAN-CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

CVE-2015-8104

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many DB aka Debug exceptions, related to svm.c...

Oracle: Security Advisory (ELSA-2015-3098)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 3396-1] linux security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3396-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 10, 2015 https://www.debian.org/security/faq -...

UBUNTU-CVE-2015-5307

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by triggering many AC aka Alignment Check exceptions, related to svm.c and vmx.c...

[SECURITY] [DSA 3388-1] ntp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3388-1 [email protected] https://www.debian.org/security/ Kurt Roeckx November 01, 2015 https://www.debian.org/security/faq -...

CVE-2006-7177

MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service system crash via unspecified vectors that lead to a kernel panic in the ieee80211input function, related to "packets coming from a 'malicious' WinXP system."...

CVE-2013-6799

Apple Mac OS X 10.9 allows local users to cause a denial of service memory corruption or panic by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105...

CVE-2010-3873

The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of service heap memory corruption and panic or possibly have unspecified other impact via malformed 1 X25FACCALLINGAE or 2 X25FACCALLEDAE data, related t...

CVE-2006-5649

Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC PPC allows local users to cause a denial of service kernel panic via unspecified vectors...

Ubuntu 14.04 LTS : NTP vulnerabilities (USN-2783-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2783-1 advisory. Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker...

USN-2783-1 ntp vulnerabilities

Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. CVE-2015-5146 Miroslav Lichvar discovered that NTP...

ntp: MITM attacker can force ntpd to make a step larger than the panic threshold

It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that clien...

UBUNTU-CVE-2015-5300

The panicgate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds...

Juniper Junos IPv6 Packet Handling mbuf Chain Corruption DoS (JSA10699)

According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability due to a flaw related to the processing of IPv6 packets. An unauthenticated, remote attacker can exploit this, via a specially crafted IPv6 packet, to trigger an 'mbuf'...