139 matches found
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2417-1)
Nadav Amit reported that the KVM Kernel Virtual Machine mishandles noncanonical addresses when emulating instructions that change the rip Instruction Pointer. A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service system crash of the guest. CVE-2014-3647 A flaw...
CVE-2014-3687
The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...
CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...
CVE-2014-3687
The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...
CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...
CVE-2014-3687
The sctpassoclookupasconfack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service panic via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter...
CVE-2014-3673
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service system crash via a malformed ASCONF chunk, related to net/sctp/smmakechunk.c and net/sctp/smstatefuns.c...
CVE-2014-3688
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service memory consumption by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/smstatefuns.c...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS bas...
CentOS 6 : kernel (CESA-2014:1167)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix multiple security issues and one bug are now available for Red Hat Enterprise MRG 2.5. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...
CentOS 7 : kernel (CESA-2014:1023)
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2014:1023 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scorin...
SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)
The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to version 3.0.101 and also includes various other bug and security fixes. The following features have been added : - Drivers: hv: Support handling multiple VMBUS versions FATE314665. - Drivers: hv: Save and export negotiated vmbus...
Debian DSA-2766-1 : linux-2.6 - privilege escalation/denial of service/information leak
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-2141 Emese Revfy provided a fix for an information leak ...
Debian Security Advisory DSA 2766-1 (linux-2.6 - privilege escalation/denial of service/information leak)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2141 Emese Revfy provided a fix for an information leak in...
CVE-2013-5209
The sctpsendinitiateack function in sys/netinet/sctpoutput.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by readi...
Oracle Linux 5 : kernel (ELSA-2008-1017)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2008-1017 advisory. - drm i915 driver arbitrary ioremap Eugene Teo 464508 464509 CVE-2008-3831 - fs don't allow splice to files opened with OAPPEND Eugene Teo 466709 46671...
CVE-2013-2206
The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...
CVE-2013-2206
The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...