Vulnerability & Exploit Database

Displaying entries 1 - 10 of 22 in total

Results for: CVE-2014-4652 Back to search

RHSA-2015:1272: kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 6
  • Published: May 27, 2015

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Andy Lutomirski for reporting the CVE-2014-8133issue, and Nadav Amit for reporting the CVE-2015-0239 issue.This update fixes several hundred bugs and adds numerous enhancements.Refer to the Red Hat Enterprise Linux 6.7 Release ...

ELSA-2015-1272 Moderate: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 9
  • Published: May 27, 2015

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a...

ELSA-2014-3105 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 5
  • Published: November 29, 2014

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.

RHSA-2014:1971: kernel security and bug fix update Vulnerability

  • Severity: 8
  • Published: November 10, 2014

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

ELSA-2014-1971 Important: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 8
  • Published: November 10, 2014

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

ELSA-2015-0290 Important: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 8
  • Published: September 28, 2014

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly have unspecified other impact by deleting the IPC$ share during resolution of DFS referrals.

ELSA-2014-3104 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 7
  • Published: September 28, 2014

Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that send...

ELSA-2014-3103 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 7
  • Published: September 28, 2014

Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that send...

USN-2337-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 7
  • Published: July 03, 2014

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access.