Lucene search

9 matches found

Tenable Nessus
added 2023/09/01 12:0 a.m., 45 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2023-12759)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12759 advisory. - xfrm: fix crash in XFRM_MSG_GETSA netlink handler Vegard Nossum Orabug: 35598955 CVE-2023-3106 - netfilter: nf_tables: validate registers coming fr...

CVSS 7.8, AI score 6.9, EPSS 0.01522
Exploits 10, References 4
NVD
added 2023/07/12 9:15 a.m., 16 views

CVE-2023-3106

A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message (sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due t...

CVSS 7.8, AI score 7.2, EPSS 0.00013
Exploits 0, References 3
OSV
added 2023/07/12 9:15 a.m., 7 views

CVE-2023-3106

A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message (sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due t...

CVSS 7.8, AI score 9.6, EPSS 0.00013
Exploits 0, References 3
UbuntuCve
added 2023/07/12 9:15 a.m., 91 views

CVE-2023-3106

A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message (sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due t...

CVSS 7.8, AI score 6.7, EPSS 0.00013
Exploits 0, References 5
Cvelist
added 2023/07/12 8:27 a.m., 19 views

CVE-2023-3106 Kernel: netlink socket crash (null pointer deref) in netlink_dump function

A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message (sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due t...

CVSS 6.6, AI score 8.2, EPSS 0.00013
Exploits 0, References 3
Veracode
added 2019/01/15 9:22 a.m., 28 views

Denial Of Service (DoS)

kernel-rt is vulnerable to denial of service (DoS) attacks. The vulnerability exists as the XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt...

CVSS 7.8, AI score 7.2, EPSS 0.10155
Exploits 3, References 17, Affected Software 2
Tenable Nessus
added 2017/12/15 12:0 a.m., 26 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2017:3307-1)

This update for the Linux Kernel 3.12.61-52101 fixes several issues. The following security issues were fixed: - CVE-2017-16939: The XFRM dump policy implementation in net/xfrm/xfrm_user.c allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF...

CVSS 7.8, AI score 6.5, EPSS 0.10155
Exploits 7, References 8
Prion
added 2017/11/24 10:29 a.m., 23 views

Design/Logic Flaw

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages...

CVSS 7.2, AI score 7.1, EPSS 0.10155
Exploits 3, References 14, Affected Software 2
Cvelist
added 2017/11/24 10:0 a.m., 27 views

CVE-2017-16939

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages...

AI score 7.6, EPSS 0.10155
Exploits 3, References 14