Lucene search

Veracode Vulnerability DatabaseVERACODE:16927

HistoryMay 02, 2019 - 5:29 a.m.

Denial Of Service (DoS)

2019-05-0205:29:38

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

kernel is vulnerable to denial of service. It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way.

CPENameOperatorVersion
kerneleq2.6.32__279.5.2.el6
kerneleq2.6.32__358.123.4.openstack.el6
kerneleq2.6.32__279.5.1.el6
kerneleq2.6.32__504.8.1.el6
kerneleq2.6.32__358.6.1.el6
kerneleq2.6.32__358.0.1.el6
kerneleq2.6.32__431.40.2.el6
kerneleq2.6.32__358.111.1.openstack.el6
kerneleq2.6.32__431.el6
kerneleq2.6.32__431.53.2.el6

Name	Operator	Version
kernel	eq	2.6.32__279.5.2.el6
kernel	eq	2.6.32__358.123.4.openstack.el6
kernel	eq	2.6.32__279.5.1.el6
kernel	eq	2.6.32__504.8.1.el6
kernel	eq	2.6.32__358.6.1.el6
kernel	eq	2.6.32__358.0.1.el6
kernel	eq	2.6.32__431.40.2.el6
kernel	eq	2.6.32__358.111.1.openstack.el6
kernel	eq	2.6.32__431.el6
kernel	eq	2.6.32__431.53.2.el6

Rows per page:

1-10 of 1901

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2b9e6c1a35afcc0973acb72e591c714e78885ff

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a2b9e6c1a35afcc0973acb72e591c714e78885ff

lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

rhn.redhat.com/errata/RHSA-2016-0855.html

secunia.com/advisories/62305

secunia.com/advisories/62326

secunia.com/advisories/62336

www.openwall.com/lists/oss-security/2014/11/13/7

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/71078

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Release_Notes/index.html

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Technical_Notes/index.html

access.redhat.com/security/cve/CVE-2016-3841

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=1066751

bugzilla.redhat.com/show_bug.cgi?id=1163762

bugzilla.redhat.com/show_bug.cgi?id=1197875

bugzilla.redhat.com/show_bug.cgi?id=1225359

bugzilla.redhat.com/show_bug.cgi?id=1242239

bugzilla.redhat.com/show_bug.cgi?id=1248507

bugzilla.redhat.com/show_bug.cgi?id=1254020

bugzilla.redhat.com/show_bug.cgi?id=1259870

bugzilla.redhat.com/show_bug.cgi?id=1310661

bugzilla.redhat.com/show_bug.cgi?id=697750

bugzilla.redhat.com/show_bug.cgi?id=723722

bugzilla.redhat.com/show_bug.cgi?id=889368

github.com/torvalds/linux/commit/a2b9e6c1a35afcc0973acb72e591c714e78885ff

rhn.redhat.com/errata/RHSA-2016-0855.html

www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

JSON

Related for VERACODE:16927