413 matches found
PT-2015-3272 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3.3 Description: The issue is related to the IPv6 stack in the Linux kernel, which mishandles options data. This can be exploited by local users to gain privileges or cause a denial of service, resulting in a...
DEBIAN-CVE-2014-3636
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to 1 cause a denial of service prevention of new connections and connection drop by queuing the maximum number of file descriptors or 2 cause a denial of service disconnect via multiple messages that combine to have...
CVE-2014-3636
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to 1 cause a denial of service prevention of new connections and connection drop by queuing the maximum number of file descriptors or 2 cause a denial of service disconnect via multiple messages that combine to have...
kernel: net: IP_REPOPTS invalid free
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
kernel: net: IP_REPOPTS invalid free
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
kernel: net: IP_REPOPTS invalid free
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
kernel: net: IP_REPOPTS invalid free
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
Kernel: ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg
The ip6skdstcheck function in net/ipv6/ip6output.c in the Linux kernel before 3.10 allows local users to cause a denial of service system crash by using an AFINET6 socket for a connection to an IPv4 interface...
Design/Logic Flaw
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
CVE-2013-2224
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
CVE-2013-2224
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
CVE-2013-2224
A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux RHEL 6 allows local users to cause a denial of service invalid free operation and system crash or possibly gain privileges via a sendmsg system call with the IPRETOPTS option, as demonstrated by hemlock.c. NOTE: this...
PT-2013-3607 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux RHEL 6 with Linux kernel 2.6.32 Description: The issue allows local users to cause a denial of service, resulting in an invalid free operation and system crash, or possibly gain privileges. This is achieved via a...
DEBIAN-CVE-2013-3237
The vsockstreamsendmsg function in net/vmwvsock/afvsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...
PT-2012-6296 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.5.5 Description: The issue concerns the netlink sendmsg function in the Linux kernel, which fails to validate the dst pid field. This allows local users to potentially spoof Netlink messages, although the exac...
CentOS Update for kernel CESA-2012:0350 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Linux Kernel 2.6.x - rds_recvmsg() Local Information Disclosure
Linux Kernel 2.6.x - rdsrecvmsg Local Information Disclosure / source: https://www.securityfocus.com/bid/54702/info The Linux kernel is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. /...
PT-2011-2920 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking AUN packe...
kernel: L2TP send buffer allocation size overflows
Multiple integer overflows in the 1 pppol2tpsendmsg function in net/l2tp/l2tpppp.c, and the 2 l2tpipsendmsg function in net/l2tp/l2tpip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service heap memory corruption and pani...
kernel: unix socket local dos
The waitforunixgc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service system hang via crafted use of the socketpair and sendmsg system...