CentOS Update for kernel CESA-2015:0674 centos6

Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882129";...

Oracle Linux 6 : kernel (ELSA-2015-0674)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0674 advisory. - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 - fs splice: perform generic wri...

kernel: splice: lack of generic write checks

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...

kernel security and bug fix update

2.6.32-504.12.2 - infiniband core: Prevent integer overflow in ibumemget address arithmetic Doug Ledford 1181173 1179327 CVE-2014-8159 2.6.32-504.12.1 - fs splice: perform generic write checks Eric Sandeen 1163798 1155900 CVE-2014-7822 2.6.32-504.11.1 - virt kvm: excessive pages un-pinning in...

CentOS Update for kernel CESA-2015:0164 centos5

Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882118";...

Oracle Linux 5 : kernel (ELSA-2015-0164)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0164 advisory. - fs splice: perform generic write checks Eric Sandeen 1155908 CVE-2014-7822 - x86 traps: stop using IST for SS Petr Matousek 1172809 CVE-2014-9322 Tenable has...

kernel: splice: lack of generic write checks

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...

Linux Kernel 'splice()' System Call Local Denial of Service Vulnerability

The Linux kernel is the kernel used by the open source operating system Linux. A local denial of service vulnerability exists in the Linux Kernel 'splice' System Call, which allows attackers to exploit this vulnerability to launch denial of service attacks...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20150128)

A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...

RedHat Update for kernel RHSA-2015:0102-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : kernel (ELSA-2015-0102)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0102 advisory. - mm shmem: fix splicing from a hole while it's punched Denys Vlasenko 1118244 1118245 CVE-2014-4171 - mm shmem: fix faulting into a hole, not taking...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

kernel: splice: lack of generic write checks

A flaw was found in the way the Linux kernel's splice system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system...

PT-2015-1018 · Linux +5 · Linux +5

Name of the Vulnerable Software and Affected Versions: linux-image versions 3.13.0 through 3.15.x linux-image versions 3.2.0 through 3.15.x Description: The issue is related to the implementation of certain splice write file operations in the Linux kernel, which does not enforce a restriction on...

Linux Kernel 2.6.x 'splice(2)' Double Lock Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35143/info The Linux kernel is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause an affected process to hang, denying service to legitimate users. Other denial-of-service attacks...

CVE-2013-3846

Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted CSpliceTreeEngine::InsertSplice object in an HTML document, aka "Internet Explorer Memory Corruption Vulnerability," ...

SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 8524 / 8525 / 8528)

The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to version 3.0.101 and also includes various other bug and security fixes. The following features have been added : - Drivers: hv: Support handling multiple VMBUS versions FATE314665. - Drivers: hv: Save and export negotiated vmbus...

Kernel: net: oops from tcp_collapse() when using splice(2)

The tcpreadsock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service system crash via a crafted splice system call for a TCP socket...

Kernel: net: oops from tcp_collapse() when using splice(2)

The tcpreadsock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service system crash via a crafted splice system call for a TCP socket...

CVE-2013-2128

The tcpreadsock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service system crash via a crafted splice system call for a TCP socket...