Lucene search

K

Veracode Vulnerability DatabaseVERACODE:12255

HistoryJan 15, 2019 - 9:14 a.m.

Denial Of Service (DoS)

2019-01-1509:14:51

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

19

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

5.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:N/A:C

The kernel package is vulnerable to denial of service (DoS). It is due to the flaw found in the kernels socket recvmmsg subsystem during the error handling routines within __sys_recvmmsg() function.

CPENameOperatorVersion
kerneleq2.6.32__358.123.4.openstack.el6
kerneleq2.6.32__279.5.2.el6
kerneleq2.6.32__279.5.1.el6
kerneleq2.6.32__504.8.1.el6
kerneleq2.6.32__642.6.2.el6
kerneleq2.6.32__358.6.1.el6
kerneleq2.6.32__431.40.2.el6
kerneleq2.6.32__358.0.1.el6
kerneleq2.6.32__358.111.1.openstack.el6
kerneleq2.6.32__642.3.1.el6

Rows per page:

1-10 of 2641

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91

lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html

rhn.redhat.com/errata/RHSA-2016-1847.html

rhn.redhat.com/errata/RHSA-2016-1875.html

rhn.redhat.com/errata/RHSA-2016-1883.html

rhn.redhat.com/errata/RHSA-2017-0036.html

www.debian.org/security/2016/dsa-3607

www.openwall.com/lists/oss-security/2016/06/24/5

www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

www.securityfocus.com/bid/91451

www.securitytracker.com/id/1036171

www.ubuntu.com/usn/USN-3016-1

www.ubuntu.com/usn/USN-3016-2

www.ubuntu.com/usn/USN-3016-3

www.ubuntu.com/usn/USN-3016-4

www.ubuntu.com/usn/USN-3017-1

www.ubuntu.com/usn/USN-3017-2

www.ubuntu.com/usn/USN-3017-3

www.ubuntu.com/usn/USN-3018-1

www.ubuntu.com/usn/USN-3018-2

www.ubuntu.com/usn/USN-3019-1

www.ubuntu.com/usn/USN-3020-1

access.redhat.com/errata/RHSA-2016:1847

access.redhat.com/errata/RHSA-2016:1875

access.redhat.com/errata/RHSA-2016:1883

access.redhat.com/errata/RHSA-2017:0036

access.redhat.com/security/cve/CVE-2016-4998

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1349886

github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

5.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:P/I:N/A:C

Related for VERACODE:12255

f51 prion1 ubuntucve1 redhatcve1 cve1 debiancve1 nessus47 oraclelinux6 suse14 openvas38 redhat4 centos2 fedora3 amazon1 ibm1 ubuntu11 mageia3 cloudfoundry1 debian2 osv1 androidsecurity1