101 matches found
CVE-2015-1421
Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT collision that leads to improper...
CVE-2014-9644
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a parenthesized module template expression in the salgname field, as demonstrated by the vfataes expression, a different vulnerability than...
CVE-2014-7825
kernel/trace/tracesyscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service out-of-bounds read and OOPS or bypass the ASLR protection mechanism via a crafted application...
CVE-2014-8086
Race condition in the ext4filewriteiter function in fs/ext4/file.c in the Linux kernel through 3.17 allows local users to cause a denial of service file unavailability via a combination of a write action and an FSETFL fcntl operation for the ODIRECT flag...
CVE-2014-3182
Array index error in the logidjrawevent function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service invalid kfree via a crafted device that provides a malformed REPORTTYPENOTIFDEVICEUNPAIR...
CVE-2014-3185
Multiple buffer overflows in the commandportreadcallback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service memory corruption and system crash v...
CVE-2013-2597
Stack-based buffer overflow in the acdbioctl function in audioacdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that...
CVE-2014-5077
The sctpassocupdate function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and OOPS by starting to establish an association between two endpoints immediately after an...
USN-2285-1: Linux kernel (Quantal HWE) vulnerabilities
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...
Ubuntu: Security Advisory (USN-2269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-2269-1)
Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges. Note that Tenable Network Security has extracted the preceding description block...
USN-2269-1: Linux kernel (Quantal HWE) vulnerability
Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...
Ubuntu: Security Advisory (USN-2262-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2262-1: Linux kernel (Quantal HWE) vulnerabilities
A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service system crash via crafted BPF instructions. CVE-2014-3144 A remainder calculation error was discovered in the socket filter subsystem of the Lin...
Ubuntu: Security Advisory (USN-2237-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Immunity Canvas: LINUX_FUTEX_REQUEUE
Name| linuxfutexrequeue ---|--- CVE| CVE-2014-3153 Exploit Pack| CANVAS Description| Futex Requeue Privilege Escalation Exploit Notes| Repeatability: Multiple times Notes: - Supported 64bit kernels: 3.11.0-13-22-generic - Ubuntu saucy 13.10 3.11.0-13-22-generic - Ubuntu precise 12.04...
USN-2237-1: Linux kernel (Quantal HWE) vulnerability
Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged local user could exploit this flaw to cause a denial of service system crash or gain administrative privileges...
Ubuntu Update for linux-lts-quantal USN-2199-1
Check for the Version of linux-lts-quantal OpenVAS Vulnerability Test $Id: gbubuntuUSN21991.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-lts-quantal USN-2199-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...
USN-2199-1: Linux kernel (Quantal HWE) vulnerability
A flaw was discovered in the Linux kernel's pseudo tty pty device. An unprivileged user could exploit this flaw to cause a denial of service system crash or potentially gain administrator privileges...
Ubuntu 12.04 LTS : linux-lts-quantal vulnerability (USN-2199-1)
A flaw was discovered in the Linux kernel's pseudo tty pty device. An unprivileged user could exploit this flaw to cause a denial of service system crash or potentially gain administrator privileges. Note that Tenable Network Security has extracted the preceding description block directly from th...