RHEL 4 : kernel (RHSA-2006:0493)

Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...

Linux SCTP ECNE Chunk Handling Remote DoS

There is a flaw in the SCTP code included in Linux kernel versions 2.6.16.x that results in a kernel panic when an SCTP packet with an unexpected ECNE chunk is received in a CLOSED state. An attacker can leverage this flaw to crash the remote host with a single, possibly forged, packet. C Tenable...

Design/Logic Flaw

The ECNE chunk handling in Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service kernel panic via an unexpected chunk when the session is in CLOSED state...

CVE-2006-2272

CVE-2006-2272 affects Linux SCTP (lksctp) in kernel versions before 2.6.17, allowing remote attackers to trigger a denial of service (kernel panic) via SCTP control chunks in fragmented packets. Public references in OpenVAS/Ubuntu/Fedora/Debian advisories confirm the issue and link it with other ...

CVE-2006-2271

The CVE-2006-2271 issue affects the Linux SCTP (lksctp) driver, exposing a vulnerability where the SCTP chunk handling can trigger a kernel panic when a remote peer sends unexpected chunks while the session is in CLOSED state. This has been addressed in upstream stable updates (e.g., Linux kernel...

Linux SCTP Functionality Multiple Remote DoS

There is a flaw in the Linux kernel on the remote host that causes a kernel panic when it receives an SCTP packet with a chunk data packet of length 0. An attacker can leverage this flaw to crash the remote host. Additionally, other types of crafted packets can cause a remote denial of service in...

Fedora Core 4 : kernel-2.6.16-1.2096_FC4 (2006-423)

This update includes a number of security issues that have been fixed upstream over the last week or so. i386/x86-64: Fix x87 information leak between processes CVE-2006-1056 iprouteinput panic fix CVE-2006-1525 fix MADVREMOVE vulnerability CVE-2006-1524 shmat: stop mprotect from giving write...

Fedora Core 5 : kernel-2.6.16-1.2096_FC5 (2006-421)

This update includes a number of security issues that have been fixed upstream over the last week or so. i386/x86-64: Fix x87 information leak between processes CVE-2006-1056 iprouteinput panic fix CVE-2006-1525 fix MADVREMOVE vulnerability CVE-2006-1524 shmat: stop mprotect from giving write...

CVE-2006-1525

iprouteinput in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service panic via a request for a route for a multicast IP address, which triggers a null dereference...

CVE-2006-1525

CVE-2006-1525 affects the Linux kernel 2.6 series (before 2.6.16.8). The vulnerability arises in ip_route_input, where a local user can trigger a NULL pointer dereference by requesting a route for a multicast IP address, leading to a denial of service (panic). Public references in Debian/DSA advi...

ChangeLog-2.6.16.8

commit aa48603d1ba772d0a2b28ab73098be2119878eba Author: Greg Kroah-Hartman [email protected] Date: Tue Apr 18 14:32:07 2006 -0700 Linux 2.6.16.8 commit a0b277b4fdcbc24c26af7c5d019e9448a51c79cf Author: Stephen Hemminger [email protected] Date: Mon Apr 17 17:27:11 2006 -0700 PATCH iprouteinput panic...

panic-reloaded - TCP Denial of Service Tool

/ ----------------------------------------------------------------------------- / \ / / / / / / / / / / / / / / / / / // / / // / / / / // // // / / / / / / // // ,/ ,/ // / Security Community ----------------------------------------------------------------------------- Software for...

panic-reloaded TCP Denial of Service Tool

Exploit for multiple platform in category dos / poc ========================================= panic-reloaded TCP Denial of Service Tool ========================================= / ----------------------------------------------------------------------------- / \ / / / / / / / / / / / / / / / / / /...

Malformed ICMP Packets May Cause a Denial of Service (SCTP)

It is possible to crash the remote host by sending it malformed ICMP packets. Description : Linux Kernels older than version 2.6.13 contains a bug which may allow an attacker to cause a NULL pointer dereference by sending malformed ICMP packets, thus resulting in a kernel panic. This flaw is...

CVE-2006-1092

Technical details about CVE-2006-1092 are not present in the provided connected documents. Public information is limited to the existing description. Monitor for updates.

CVE-2006-0555

The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service NFS client panic via unknown attack vectors related to the use of ODIRECT direct I/O...

Design/Logic Flaw

The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service NFS client panic via unknown attack vectors related to the use of ODIRECT direct I/O...

CVE-2006-0555

The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service NFS client panic via unknown attack vectors related to the use of ODIRECT direct I/O...

Fedora Core 4 : kernel-2.6.15-1.1833_FC4 (2006-131)

This update rebases to the latest -stable release 2.6.15.5, which fixes a number of security problems. - sysmbind failed to sanity check its arguments, leading to a potential local DoS. - A specially crafted ELF executable could cause Intel EM64T boxes to crash. CVE-2006-0741 - Normal users could...

CVE-2005-3359

CVE-2005-3359 affects Linux kernel 2.6.x (atm module) where certain socket calls can produce inconsistent references counts on loadable protocol modules, enabling a local user to trigger a denial of service (panic). Publicly documented in Debian/DSA-1103-1 and Red Hat/CESA-RHSA-2006:0493 style ad...