Page 648 of 3895 results (0.021 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE. La funcionalidad de descapsulación ULE en drivers/media/dvb/dvb-core/dvb_net.c en dvb-core en el kernel de Linux v2.6.33y anteriores permite a atacantes producir una denegación de servicio (bucle infinito) a través de un marco MPEG2-TS manipulado, relacionado con el payload de un puntero ULE no valido • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html http://secunia.com/advisories/39649 http://secunia.com/advisories/39742 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://support.avaya.com/css/P8/documents/100088287 http://support.avaya.com/css/P8/documents/100090459 http://www.debian.org/security/2010/dsa-2053 • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0

The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference. La Transparent Inter-Process Communication (TIPC) del kernel de Linux versiones 2.6.16-rc1 hasta 2.6.33, y posiblemente otras versiones, permite a los usuarios locales causar una denegación de servicio (OOPS de kernel) mediante el envío de datagramas por medio de AF_TIPC antes de entrar en modo de red, lo que desencadena una desreferencia de puntero NULL. • http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git%3Ba=commitdiff%3Bh=d0021b252eaf65ca07ed14f0d66425dd9ccab9a6%3Bhp=6d55cb91a0020ac0d78edcad61efd6c8cf5785a3 http://secunia.com/advisories/39830 http://secunia.com/advisories/43315 http://www.debian.org/security/2010/dsa-2053 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 http://www.openwall.com/lists/oss-security/2010/03/30/1 http://www.openwall.com/lists/oss-security/2010/03/31/1 http://www.securityfocus.com/archive&# • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 4%CPEs: 154EXPL: 0

Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled and causes the skb structure to be freed. Vulnerabilidad de uso despues de liberacion en net/ipv4/tcp_input.c en el kernel Linux 2.6 en versiones anteriores a la 2.6.20, cuando IPV6_RECVPKTINFO está habilitado en un socket a la escucha, permite a atacantes remotos provocar una denegación de servicio (kernel panic) mediante un paquete SYN mientras el socket está en un estado de escucha (TCP_LISTEN), el cual no es manejado adecuadamente, provoca que la estructura skb sea liberada. • http://git.kernel.org/linus/fb7e2399ec17f1004c0e0ccfd17439f8759ede01 http://secunia.com/advisories/39652 http://support.avaya.com/css/P8/documents/100090459 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20 http://www.openwall.com/lists/oss-security/2010/03/29/1 http://www.redhat.com/support/errata/RHSA-2010-0380.html http://www.redhat.com/support/errata/RHSA-2010-0394.html http://www.redhat.com/support/errata/RHSA-2010-0424.html http://www.redhat.com/suppor • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •

CVSS: 7.8EPSS: 5%CPEs: 287EXPL: 2

The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via unknown vectors. La función ip6_dst_lookup_tail en net/ipv6/ip6_output.c en el kernel de linux anterior a v2.6.27 no maneja adecuadamente bajo determinadas circunstancias que involucran a la interfaz de red IPv6 TUN y un gran número de vecinos, lo que permite a atacantes remotos provocar una denegación de servicio (deferencia a puntero nulo y OOPS) o posiblemente tener un impacto desconocido a través de vectores desconocidos. • https://www.exploit-db.com/exploits/33635 http://bugzilla.kernel.org/show_bug.cgi?id=11469 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e550dfb0c2c31b6363aa463a035fc9f8dcaa3c9b http://secunia.com/advisories/39033 http://secunia.com/advisories/43315 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27 http://www.openwall.com/lists/oss-security/2010/02/11/1 http://www.openwall.com/lists/oss-security/2010/03/04/4 http:/&#x • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 14%CPEs: 199EXPL: 0

The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length. La función sctp_rcv_ootb en la implementación de SCTP en el kernel de Linux anterior a versión 2.6.23, permite a los atacantes remotos causar una denegación de servicio (bucle infinito) por medio de (1) un fragmento Out Of The Blue (OOTB) o (2) un fragmento de longitud cero. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ece25dfa0991f65c4e1d26beb1c3c45bda4239b8 http://secunia.com/advisories/39295 http://secunia.com/advisories/43315 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23 http://www.openwall.com/lists/oss-security/2010/03/17/2 http://www.redhat.com/support/errata/RHSA-2010-0147.html http://www.redhat.com/support/errata/RHSA-2010-0342.html http://www.securityfocus.com/archive/1/516397/100& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-399: Resource Management Errors •