7 matches found
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002794)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002794 advisory. The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which...
CVE-2017-7184
The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access by leveraging the CAPNETADMI...
Heap overflow
The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access by leveraging the CAPNETADMI...
CVE-2017-7184
The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access by leveraging the CAPNETADMI...
CVE-2017-7184
The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access by leveraging the CAPNETADMI...
CVE-2017-7184
The CVE-2017-7184 issue affects the Linux kernel xfrm subsystem, where xfrm_replay_verify_len in net/xfrm/xfrm_user.c up to 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, enabling a local attacker with CAP_NET_ADMIN to cause a heap-based out-of-bounds access and potent...
CVE-2017-7184
The xfrmreplayverifylen function in net/xfrm/xfrmuser.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRMMSGNEWAE update, which allows local users to obtain root privileges or cause a denial of service heap-based out-of-bounds access by leveraging the CAPNETADMI...