Vulnerability & Exploit Database

Displaying entries 1 - 10 of 13 in total

Results for: CVE-2014-3636

RHSA-2015:1534: kernel security and bug fix update Vulnerability

  • Severity: 7
  • Published: May 26, 2015

The kernel packages contain the Linux kernel, the core of any Linux operating system. Red Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715 issue. This update also fixes several bugs. Refer to the following Knowledgebase article for further information: https://access.redhat.com/articles/1474193 All kernel users are advised to...

ELSA-2015-1272 Moderate: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 9
  • Published: May 26, 2015

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a...

RHSA-2015:1565: kernel-rt security, bug fix, and enhancement update Vulnerability

  • Severity: 7
  • Published: May 26, 2015

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. Red Hat would like to thank Nathan Hoad for reporting the CVE-2014-9715 issue. The kernel-rt packages have been upgraded to version 3.10.0-229.11.1, which provides a number of bug fixes and enhancements over the previous version, including: (BZ#1234470) This...

ELSA-2015-1534 Moderate: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 7
  • Published: May 26, 2015

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka ...

ELSA-2015-2152 Important: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 10
  • Published: March 15, 2015

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.

SUSE: CVE-2014-3636: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: October 24, 2014

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of f...

Oracle Solaris 11: CVE-2014-3636: Vulnerability in DBus Vulnerability

  • Severity: 2
  • Published: October 24, 2014

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of f...

Gentoo Linux: CVE-2014-3636: D-Bus: Multiple Vulnerabilities Vulnerability

  • Severity: 2
  • Published: October 24, 2014

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of f...

Alpine Linux: CVE-2014-3636: dbus security issues Vulnerability

  • Severity: 2
  • Published: September 21, 2014

D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 allows local users to (1) cause a denial of service (prevention of new connections and connection drop) by queuing the maximum number of file descriptors or (2) cause a denial of service (disconnect) via multiple messages that combine to have more than the allowed number of f...