Vulnerability & Exploit Database

Displaying entries 1 - 10 of 19 in total

Results for: CVE-2014-7826 Back to search

ELSA-2015-1272 Moderate: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 9
  • Published: May 27, 2015

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a...

RHSA-2015:0864: kernel security and bug fix update Vulnerability

  • Severity: 10
  • Published: March 16, 2015

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Andy Lutomirski for reporting CVE-2014-3215and CVE-2014-3690, Robert ?wi?cki for reporting CVE-2014-7825 andCVE-2014-7826, and Carl Henrik Lunde for reporting CVE-2014-9584. TheCVE-2015-1421 issue was discovered by Sun Baoliang...

ELSA-2015-0864 Important: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 10
  • Published: March 16, 2015

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.

SUSE Linux Security Advisory: SUSE-SU-2014:1669-1 Vulnerability

  • Severity: 7
  • Published: December 17, 2014

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

USN-2444-1: Linux kernel (OMAP4) vulnerabilities Vulnerability

  • Severity: 6
  • Published: November 29, 2014

Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via a large message length in an ioctl call.

USN-2443-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 7
  • Published: November 29, 2014

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

RHSA-2015:0290: kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 7
  • Published: November 29, 2014

The kernel packages contain the Linux kernel, the core of any Linuxoperating system.Red Hat would like to thank Eric Windisch of the Docker project forreporting CVE-2015-0274, Andy Lutomirski for reporting CVE-2014-3690, andRobert ?wi?cki for reporting CVE-2014-7825 and CVE-2014-7826.This update also fixes several hundred bugs and adds n...

ELSA-2015-3013 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 7
  • Published: November 29, 2014

The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) entry is a transparent huge-table entry, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or p...

USN-2448-1: Linux kernel vulnerabilities Vulnerability

  • Severity: 8
  • Published: November 10, 2014

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.