EUVD-2017-11815

Malware in sbrugna...

K30737254: Linux kernel vulnerability CVE-2017-2671

Security Advisory Description The pingunhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service panic by leveraging...

glibc security, bug fix, and enhancement update

2.17-222 - Restore internal GLIBCPRIVATE symbols for use during upgrades 1523119 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow 1534635 - i386: Fix unwinding for 32-bit C++ application 1529982 - Reduce thread and dynamic loader stack usage 1527904 - x86-64: Use XSAVE/XSAVEC more often...

CVE-2017-2671

CVE-2017-2671 affects the Linux kernel ping_unhash in net/ipv4/ping.c. The issue is that a lock is obtained too late, failing to guarantee safety for disconnect calls, enabling a local attacker to trigger a denial of service (panic) by leveraging IPPROTO_ICMP in a socket syscall. Public reference...

CVE-2015-3636

The pingunhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service use-after-free and system crash by leveraging the ability to make a...

CVE-2015-3636

The pingunhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service use-after-free and system crash by leveraging the ability to make a...