Vulnerability & Exploit Database

Displaying entries 1 - 10 of 23 in total

Results for: CVE-2014-5471 Back to search

ELSA-2015-1272 Moderate: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 9
  • Published: May 27, 2015

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a...

RHSA-2015:0803: kernel security and bug fix update Vulnerability

  • Severity: 7
  • Published: March 16, 2015

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue.This update also fixes the following bugs:All kernel users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. The system mus...

RHSA-2015:0782: kernel security and bug fix update Vulnerability

  • Severity: 10
  • Published: March 16, 2015

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Mellanox for reporting CVE-2014-8159, and AndyLutomirski for reporting CVE-2014-3690. The CVE-2015-1421 issue wasdiscovered by Sun Baoliang of Red Hat.This update also fixes the following bugs:All kernel users are advised to up...

RHSA-2015:0695: kernel security and bug fix update Vulnerability

  • Severity: 7
  • Published: March 16, 2015

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Mellanox for reporting the CVE-2014-8159 issue.The CVE-2014-7841 issue was discovered by Liu Wei of Red Hat.This update also fixes the following bugs:All kernel users are advised to upgrade to these updated packages, whichconta...

SUSE Linux Security Advisory: SUSE-SU-2014:1669-1 Vulnerability

  • Severity: 7
  • Published: December 17, 2014

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

ELSA-2014-3108 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 7
  • Published: December 17, 2014

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

ELSA-2014-3107 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 7
  • Published: December 17, 2014

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

ELSA-2014-3106 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 7
  • Published: December 17, 2014

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

SUSE Linux Security Advisory: SUSE-SU-2014:1677-1 Vulnerability

  • Severity: 8
  • Published: November 10, 2014

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.