FreeBSD : FreeBSD -- Insufficient credential checks in network ioctl(2) (4d87d357-202c-11e3-be06-000c29ee3065)

Problem Description : As is commonly the case, the IPv6 and ATM network layer ioctl request handlers are written in such a way that an unrecognized request is passed on unmodified to the link layer, which will either handle it or return an error code. Network interface drivers, however, assume th...

Oracle Linux 5 : kernel (ELSA-2013-1292-1)

From Red Hat Security Advisory 2013:1292 : Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...

RHEL 5 : kernel (RHSA-2013:1292)

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

Kernel: net: panic while pushing pending data out of a IPv6 socket with UDP_CORK enabled

The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service BUG and system crash via a crafted application that uses the UDPCORK option ...

CVE-2013-1029

The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service panic via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser...

CVE-2013-1029

CVE-2013-1029 affects Apple Mac OS X kernel prior to 10.8.5. The issue arises from an incorrect, extraneous code path in the IGMP parser that, when processing crafted IGMP packets, can trigger a kernel panic and thus a denial of service. The vulnerability is exploitable remotely via IGMP traffic....

FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:12.ifioctl Security Advisory The FreeBSD Project Topic: Insufficient credential checks in network ioctl2 Category: core Module: sysnetinet6 sysnetatm Announced...

FreeBSD-SA-13:12.ifioctl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:12.ifioctl Security Advisory The FreeBSD Project Topic: Insufficient credential checks in network ioctl2 Category: core Module: sysnetinet6 sysnetatm Announced...

CVE-2013-3495

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

CVE-2013-2212

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...

CVE-2013-3495

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

Design/Logic Flaw

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...

Code injection

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

CVE-2013-3495

The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service kernel panic via a malformed Message Signaled Interrupt MSI from a PCI device that is bus mastering capable that triggers a System Error Reporting SERR Non-Maskable Interrupt NMI...

CVE-2013-3495

CVE-2013-3495 affects the Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x. The vulnerability allows a local guest to cause a denial of service (kernel panic) by sending a malformed Message Signaled Interrupt (MSI) from a bus-master PCI device, triggering a System Error Reporting ...

CVE-2013-2212

The vulnerability CVE-2013-2212 affects Xen 3.3 through 4.3: the vmx_set_uc_mode function, when caches are disabled, can be abused by local HVM guests with access to memory‑mapped I/O regions to trigger a denial of service (CPU consumption and potential hypervisor or guest kernel panic) via a cra...

CVE-2013-2212

The vmxsetucmode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service CPU consumption and possibly hypervisor or guest kernel panic via a crafted GFN range...

kernel security and bug fix update

kernel 2.6.18-348.16.1 - x8664 Fix kdump failure due to 'x8664: Early segment setup' Paolo Bonzini 988251 987244 - xen skip tracing if it was disabled instead of dying Igor Mammedov 987976 967053 - ia64 fix KABI breakage on ia64 Prarit Bhargava 966878 960783 - x86 fpu: fix CONFIGPREEMPT=y...

Cisco Intrusion Prevention System Jumbo Frame Denial of Service (cisco-sa-20080618-ips)

According to its self-reported version, the version of the Cisco Intrusion Prevention System Software running on the remote host may be vulnerable to a denial of service DoS attack caused by a kernel panic. This is due to the handling of jumbo Ethernet frames when gigabit network interfaces are...