EUVD-2014-8450

Malware in sbrugna...

PT-2025-18555 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A crash was reported due to list del corruption in the Linux kernel's sctp module. The issue occurs when the last fragment of a message is dequeued from the out curr stream in sctp...

Linux kernel 输入验证错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates in the sctpassociationinit function in the net/sctp module that could trigger an integer overflow, which could...

CVE-2021-3894

A vulnerability was found in the Linux kernel. This flaw allows an unprivileged local user to panic the system, resulting in a denial of service by calling setsockopt2 with specially crafted arguments. The highest threat from this vulnerability is to system availability. Mitigation As the SCTP...

Virtuozzo 7 : readykernel-patch (VZA-2017-065)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the...

Virtuozzo 7 : readykernel-patch (VZA-2017-038)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - The NFS2/3 RPC client could send long arguments to nfsd server. These encoded arguments are stored in an array of...

Race condition

Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...

Oracle Linux 6 : kernel (ELSA-2016-0715)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0715 advisory. - x86 nmi/64: Fix a paravirt stack-clobbering bug in the NMI code Denys Vlasenko 1259580 1259581 CVE-2015-5157 - x86 nmi/64: Switch stacks on userspace...

CVE-2016-1879

The Stream Control Transmission Protocol SCTP module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service assertion failure or NULL pointer dereference and kernel panic via a crafted ICMPv6...

CVE-2016-1879

The Stream Control Transmission Protocol SCTP module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service assertion failure or NULL pointer dereference and kernel panic via a crafted ICMPv6...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20151208)

It was found that the x86 ISA Instruction Set Architecture is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way sequential delivering of benign exceptions such as AC alignment check exception and DB debug exception...

CentOS 7 : kernel (CESA-2015:2552)

Updated kernel packages that fix two security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

CVE-2014-8613

The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted RECONFIG chunk...

Null pointer dereference

The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted RECONFIG chunk...

CVE-2014-8613

The sctp module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allows remote attackers to cause a denial of service NULL pointer dereference and kernel panic via a crafted RECONFIG chunk...

CVE-2014-8613

CVE-2014-8613 affects FreeBSD SCTP support; vulnerable versions include FreeBSD 8.4 (before p23), 9.3 (before p9), 10.0 (before p17), and 10.1 (before p5). The issue lies in insufficient input validation of received SCTP RE_CONFIG chunks, which can trigger a NULL pointer dereference leading to a ...

CVE-2014-8612

Removed by vendor...

kernel security update

CentOS Errata and Security Advisory CESA-2006:0575 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel...