CVE-2012-3549

The SCTP implementation in FreeBSD 8.2 allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted ASCONF chunk...

CVE-2012-3549

The CVE-2012-3549 entry involves the SCTP implementation in FreeBSD 8.2, where remote attackers can trigger a denial of service (NULL pointer dereference and kernel panic) by sending a crafted ASCONF chunk. The vulnerability is rooted in the FreeBSD 8.2 SCTP stack handling of ASCONF, leading to a...

Ubuntu Update for linux USN-1567-1

Ubuntu Update for Linux kernel vulnerabilities USN-1567-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15671.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for linux USN-1567-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

USN-1567-1: Linux kernel vulnerabilities

A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service panic. CVE-2012-2745 Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO TCP...

Security Advisory 0002

Security Advisory 0002 PDF Date: 9/12/2012 Affected Software Version: EOS-4.8.0 through EOS-4.8.7, EOS-4.9.0 through EOS-4.9.5, EOS-4.10, EOS-4.10.1 Note: You must have IPv6 addresses configured on your system for this to affect you. Bug 39915: Null pointer dereference in nfconntrackipv6 Impact: ...

Race condition

The Linux kernel before 3.4.5 on the x86 platform, when Physical Address Extension PAE is enabled, does not properly use the Page Middle Directory PMD, which allows local users to cause a denial of service panic via a crafted application that triggers a race condition...

CVE-2012-2745

CVE-2012-2745 affects the Linux kernel prior to 3.3.2. The copy_creds function in kernel/cred.c may provide an invalid replacement session keyring to a child process, allowing local users to cause a denial of service (panic) via a crafted fork. Affected: Linux kernel

FreeBSD Kernel SCTP Remote NULL Ptr Dereference DoS

Exploit for freebsd platform in category dos / poc / FreeBSD kernel SCTP latest release remote NULL ptr dereference DoS by Shaun Colley , 2 Aug 2012 The SCTP implementation used by FreeBSD "reference implementation" is vulnerable to a remote NULL pointer dereference in kernel due to a logic bug...

FreeBSD - SCTP Remote NULL Ptr Dereference Denial of Service

/ FreeBSD kernel SCTP latest release remote NULL ptr dereference DoS by Shaun Colley , 2 Aug 2012 The SCTP implementation used by FreeBSD "reference implementation" is vulnerable to a remote NULL pointer dereference in kernel due to a logic bug. When parsing ASCONF chunks, an attempt is made to...

Scientific Linux Security Update : libvirt on SL5.x i386/x86_64

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

This update fixes the following security issues : - A missing boundary check was found in the dvbcaioctl function in the Linux kernel's av7110 module. On systems that use old DVB cards that require the av7110 module, a local, unprivileged user could use this flaw to cause a denial of service or...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

A flaw was found in the handling of IEEE 802.11 frames, which affected several wireless LAN modules. In certain situations, a remote attacker could trigger this flaw by sending a malicious packet over a wireless network, causing a denial of service kernel crash. CVE-2007-4997, Important A memory...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

Security fixes : - NULL pointer dereference flaws in the r128 driver. Checks to test if the Concurrent Command Engine state was initialized were missing in private IOCTL functions. An attacker could use these flaws to cause a local denial of service or escalate their privileges. CVE-2009-3620,...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

These updated packages fix the following security issues : - the absence of a protection mechanism when attempting to access a critical section of code has been found in the Linux kernel open file descriptors control mechanism, fcntl. This could allow a local unprivileged user to simultaneously...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

These updated kernel packages fix the following security issues : A flaw was found in the virtual filesystem VFS. A local unprivileged user could truncate directories to which they had write permission; this could render the contents of the directory inaccessible. CVE-2008-0001, Important A flaw...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

These updated packages fix the following security issues : - a possible kernel memory leak was found in the Linux kernel Simple Internet Transition SIT INET6 implementation. This could allow a local unprivileged user to cause a denial of service. CVE-2008-2136, Important - a flaw was found in the...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

Security fixes : - A flaw in sctppacketconfig in the Linux kernel's Stream Control Transmission Protocol SCTP implementation could allow a remote attacker to cause a denial of service. CVE-2010-3432, Important - A missing integer overflow check in sndctlnew in the Linux kernel's sound subsystem...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

Security fixes : - a logic error was found in the dosetlk function of the Linux kernel Network File System NFS implementation. If a signal interrupted a lock request, the local POSIX lock was incorrectly created. This could cause a denial of service on the NFS server if a file descriptor was clos...

Scientific Linux Security Update : GFS on SL3.x i386/x86_64

A flaw was found in the gfslock implementation. The GFS locking code could skip the lock operation for files that have the SISGID bit set-group-ID on execution in their mode set. A local, unprivileged user on a system that has a GFS file system mounted could use this flaw to cause a kernel panic...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

These new kernel packages contain fixes for the security issues described below : - a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a denial of service or potential remote access. Exploitation would require the attacker to be able to send arbitrary frames over the ISDN netwo...