Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the Linux kernel splice implementation. This could cause a local denial of service when there is a certain failure in the addtopagecachelru function...

Frida API Fuzzer - This Experimetal Fuzzer Is Meant To Be Used For API In-Memory Fuzzing

This experimental fuzzer is meant to be used for API in-memory fuzzing. The design is highly inspired and based on AFL/AFL++. ATM the mutator is quite simple, just the AFL's havoc and splice stages. I tested only the examples under tests/, this is a WIP project but is known to works at least on...

Kernel update: Virtuozzo ReadyKernel patch 92.0 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0

The cumulative Virtuozzo ReadyKernel patch was updated with stability fixes. The patch applies to the kernels 3.10.0-693.21.1.vz7.48.2 Virtuozzo 7.0.7 HF3, 3.10.0-862.9.1.vz7.63.3 Virtuozzo 7.0.8, 3.10.0-862.11.6.vz7.64.7 Virtuozzo 7.0.8 HF1, 3.10.0-862.20.2.vz7.73.24 Virtuozzo 7.0.9 and Virtuozz...

Denial Of Service (DoS)

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this fla...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS attacks. The vulnerability exists as the implementation of certain splicewrite file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-118.20.1 - tty: Fix race in ptywrite leading to NULL deref Todd Vierling Orabug: 25392692 - ocfs2/dlm: ignore cleaning the migration mle that is inuse xuejiufei Orabug: 26479780 - KEYS: fix dereferencing NULL payload with nonzero length Eric Biggers Orabug: 26592025 - oracleasm:...

kernel: ipv4/tcp: Infinite loop in tcp_splice_read()

A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice and tcpspliceread functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely...

kernel: ipv4/tcp: Infinite loop in tcp_splice_read()

A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice and tcpspliceread functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely...

kernel: ipv4/tcp: Infinite loop in tcp_splice_read()

A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice and tcpspliceread functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely...

Hiding SSH Servers Behind HTTP: sshttp

Hiding SSH Servers Behind HTTP In case your FW policy forbids SSH access to the DMZ or internal network from outside, but you still want to use ssh on machines which only have one open port, e.g. HTTP , you can use sshttpd . sshttpd can multiplex the following protocol pairs: SSH/HTTP SSH/HTTPS...

kernel: ipv4/tcp: Infinite loop in tcp_splice_read()

A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice and tcpspliceread functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely...

DEBIAN-CVE-2015-8897

The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service application crash via a crafted png file...

CVE-2017-6214

A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice and tcpspliceread functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely...

Linux kernel denial of service vulnerability (CNVD-2017-02483)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability in the tcpspliceread function in the net/ipv4/tcp.c file in versions of Linux kernel prior to 4.9.11 allows remote attackers to cause a denia...

DEBIAN-CVE-2017-6214

The tcpspliceread function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service infinite loop and soft lockup via vectors involving a TCP packet with the URG flag...

Microsoft Edge - Array.splice Heap Overflow

Microsoft Edge - Array.splice Heap Overflow var a = ; class dummy a.length = 200000; a.fill7, 10000, 10200; var o = ; Object.definePropertyo, 'constructor', get: function a.length = 0xfffffffe; var k = ; k.fill.calla, 7.7, 0xfffff000, 0xfffffffe; return dummy; ; a.proto = o; var q = ; q.length =...

kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...

kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...

kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...

kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko

A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the splice system call. A local unprivileged user on a system with either...