23 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002965)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002965 advisory. The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001886)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001886 advisory. The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which...
EUVD-2018-9717
Malware in sbrugna...
AZL-33496 CVE-2023-3773 affecting package hyperv-daemons for versions less than 5.15.158.1-1
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...
The vulnerability of the Linux operating system’s kernel lies in the improper handling of a certain interaction between XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets. This allows an attacker to cause a service failure.
The vulnerability of the Linux operating system’s kernel is related to the improper handling of a certain interaction between XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets. Exploiting this vulnerability can allow an attacker to cause a service failure...
Code injection
The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on...
CVE-2018-17977
The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on...
CVE-2018-17977
CVE-2018-17977 affects Linux kernel 4.14.67, where interaction between XFRM Netlink messages, IPPROTO_AH, and IPPROTO_IP can be exploited locally (with root) to trigger memory exhaustion and system hang; demonstrated on CentOS 7. The provided documents do not specify a fix or patch version.
PT-2018-2963
Name of the Vulnerable Software and Affected Versions: Linux kernel version 4.14.67. Description: The issue is related to incorrect handling of certain interactions between XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets. This can be exploited to cause a denial of service, resultin...
CentOS Update for kernel CESA-2018:1965 centos7
Check the version of kernel. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882915");...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Amazon Linux 2 : kernel (ALAS-2018-1023)
A weakness was found in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated. (CVE-2018-1108) A flaw was found in the way the Linux kernel handled exceptions delivered after a stac...
Important kernel security update: CVE-2017-8824 and other; Virtuozzo ReadyKernel patch 42.0 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 (Virtuozzo 7.0.0), 3.10.0-327.42.0.vz7.18.7 (Virtuozzo 7.0.1), and 3.10.0-327.42.0.vz7.20.18 (Virtuozzo 7.0.3). Vulnerability id: CVE-2017-8824 A...
Virtuozzo 7 : readykernel-patch (VZA-2017-111)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - dccp_disconnect set the socket state to DCCP_CLOSED but did not properly free some of the resources associated with th...
Virtuozzo 7 : readykernel-patch (VZA-2017-110)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - dccp_disconnect set the socket state to DCCP_CLOSED but did not properly free some of the resources associated with th...
Virtuozzo 7 : readykernel-patch (VZA-2017-068)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the handling of xfrm Netlink messages. A privileged user inside a container could cause...
Linux kernel net/xfrm/xfrm_policy.c file denial of service vulnerability
The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the net/xfrm/xfrm_policy.c file in Linux kernel version 4.12.3 and earlier, which stems from the program failing to detect the dir value of...