Vulnerability & Exploit Database

Displaying all 7 entries

Results for: CVE-2016-9584 Back to search

ELSA-2015-2152 Important: Oracle Linux kernel security, bug fix, and enhancement update Vulnerability

  • Severity: 10
  • Published: March 16, 2015

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.

ELSA-2015-0864 Important: Oracle Linux kernel security and bug fix update Vulnerability

  • Severity: 10
  • Published: March 16, 2015

Use-after-free vulnerability in the sctp_assoc_update function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service (slab corruption and panic) or possibly have unspecified other impact by triggering an INIT collision that leads to improper handling of shared-key data.

ELSA-2015-3035 Important: Oracle Linux Unbreakable Enterprise kernel security and bugfix update Vulnerability

  • Severity: 9
  • Published: January 09, 2015

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a...

ELSA-2015-3032 Important: Oracle Linux Unbreakable Enterprise kernel security update Vulnerability

  • Severity: 7
  • Published: January 09, 2015

Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that trigger access to a key structure member during garbage collection of a key.