CVE-2017-16649

The usbnetgenericcdcbind function in drivers/net/usb/cdcether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service divide-by-zero error and system crash or possibly have unspecified other impact via a crafted USB device...

Ubuntu 16.04 LTS : Linux kernel (GCP) vulnerability (USN-3443-3)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3443-3 advisory. Andrey Konovalov discovered that a divide-by-zero error existed in the TCP stack implementation in the Linux kernel. A local attacker could use this to cause a...

Ubuntu: Security Advisory (USN-3444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3444-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3444-1 advisory. Jan H. Schnherr discovered that the Xen subsystem did not properly handle block IO merges correctly in some situations. An attacker in a guest vm could u...

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3444-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3444-2 advisory. USN-3444-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3443-2)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3443-2 advisory. USN-3443-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement H...

USN-3443-1: Linux kernel vulnerabilities

It was discovered that on the PowerPC architecture, the kernel did not properly sanitize the signal stack when handling sigreturn. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-1000255 Andrey Konovalov discovered that a...

Denial of service

decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted ELF file...

CVE-2017-15025

decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted ELF file...

CVE-2017-14634

CVE-2017-14634 concerns libsndfile 1.0.28, where the divide-by-zero in double64_init() (double64.c) may cause a Denial of Service when opening a crafted audio file. The issue is documented across multiple advisories and vendors. Impact is a DoS via crafted input; exploit details are not provided ...

CVE-2017-14634

In libsndfile 1.0.28, a divide-by-zero error exists in the function double64init in double64.c, which may lead to DoS when playing a crafted audio file...

Path traversal

The tcpdisconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service tcpselectwindow divide-by-zero error and system crash by triggering a disconnect within a certain tcprecvmsg code path...

CVE-2017-14106

The tcpdisconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service tcpselectwindow divide-by-zero error and system crash by triggering a disconnect within a certain tcprecvmsg code path...

Denial of service

CDirVector::GetTable in dirfunc.hxx in libfpx 1.3.1p6 allows remote attackers to cause a denial of service divide-by-zero error via a crafted fpx image...

CVE-2017-12924

The vulnerability CVE-2017-12924 affects the library libfpx, specifically version 1.3.1_p6, where CDirVector::GetTable in dirfunc.hxx is vulnerable. A crafted FlashPIX image can trigger a divide-by-zero error, allowing remote attackers to cause a denial of service. The connected documents confirm...

AIX NTP v4 Advisory : ntp_advisory4.asc (IV79954) (IV79954)

The remote AIX host has a version of Network Time Protocol NTP installed that is affected by the following vulnerabilities : - A divide-by-zero error exists in file include/ntp.h when handling LOGTOD and ULOGTOD macros in a crafted NTP packet. An unauthenticated, remote attacker can exploit this,...

CVE-2017-11359

The wavwritehdr function in wav.c in Sound eXchange SoX 14.4.2 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted snd file, during conversion to a wav file...

CVE-2017-11546

The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted mid file. NOTE: a crash might be relevant when using the --background option...

Denial of service

The startread function in wav.c in Sound eXchange SoX 14.4.2 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted wav file...

Design/Logic Flaw

The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted mid file. NOTE: a crash might be relevant when using the --background option...