115 matches found
kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference
The cipsov4validate function in net/ipv4/cipsoipv4.c in the Linux kernel before 3.4.8 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via an IPOPTCIPSO IPOPTIONS setsockopt system call...
PT-2012-1505 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.39 Description: The issue is related to the sco sock getsockopt old function in the Linux kernel, which does not properly initialize a certain structure. This allows local users to potentially obtain sensiti...
kernel: bt sco_conninfo infoleak
The scosockgetsockoptold function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCOCONNINFO option...
kernel: possible kernel oops from user MSS
The dotcpsetsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCPMAXSEG aka MSS values, which allows local users to cause a denial of service OOPS via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect u...
Linux kernel dccp_setsockopt_change() integer overflow
Integer overflow in the dccpsetsockoptchange function in net/dccp/proto.c in the Datagram Congestion Control Protocol DCCP subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service panic via a crafted integer value, related to Change L and Chan...
security flaw
The doipv6setsockopt function in net/ipv6/ipv6sockglue.c in Linux kernel before 2.6.20, and possibly other versions, allows local users to cause a denial of service oops by calling setsockopt with the IPV6RTHDR option name and possibly a zero option length or invalid option value, which triggers ...
VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0006 Synopsis: VMware ESX Server 2.5.3 Upgrade Patch 4 Patch URL: http://www.vmware.com/download/esx/esx-253-200610-patch.html...
VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0005 Synopsis: VMware ESX Server 2.5.4 Upgrade Patch 1 Patch URL: http://www.vmware.com/download/esx/esx-254-200610-patch.html...
CVE-2006-3202
The ip6savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service crash by creating an IPv4-mapped IPv6 socket with the...
CVE-2005-4782
NetBSD 2.0 before 2.0.4, 2.1 before 2.1.1, and 3, when the kernel is compiled with "options DIAGNOSTIC," allows local users to cause a denial of service kernel assertion panic via a negative linger time in the SOLINGER socket option...
Sun Solaris SCTP socket option DoS
No description provided...
CVE-2005-3238
Affected software: Solaris 10. The CVE-2005-3238 entry describes multiple unspecified vulnerabilities in SCTP Socket Option Processing that can be exploited locally to cause a denial of service (panic). The available sources indicate local-access impact with no details on the exact root cause, vu...
CVE-2004-2013
Integer overflow in the SCTPSOCKOPTDEBUGNAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory...
CVE-2004-2013
Integer overflow in the SCTPSOCKOPTDEBUGNAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory...
PT-2004-2909 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.4.25 and earlier Description: The issue is related to an integer overflow in the SCTP SOCKOPT DEBUG NAME SCTP socket option in socket.c. This overflow allows local users to execute arbitrary code via an optlen value of...