#ibm

CVE-2017-18202

The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.

7 years ago

CVE

Open in Source

#ios #mac #windows #google #linux #dos #git #oracle #intel #c++#perl #samba #amd #bios #asus #huawei #auth #ibm #wifi

CVE-2017-18079

drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated.

7 years ago

CVE

Open in Source

#web #ios #mac #apple #linux #dos #git #intel #c++#perl #samba #pdf #vmware #lenovo #amd #bios #buffer_overflow #auth #ibm #dell #rpm #sap #wifi

CVE-2017-18075

crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls.

7 years ago

CVE

Open in Source

#ios #amazon #linux #debian #dos #git #intel #c++#lenovo #amd #bios #acer #auth #ibm #dell #sap

CVE-2017-12119: TALOS-2017-0471 || Cisco Talos Intelligence Group

An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC. Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.

7 years ago

CVE

Open in Source

#vulnerability #web #ubuntu #linux #cisco #dos #js #git #intel #c++#ibm

CVE-2017-18017

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.

7 years ago

CVE

Open in Source

#ios #mac #windows #google #linux #dos #js #git #oracle #intel #c++#perl #vmware #amd #bios #asus #acer #huawei #auth #ibm #rpm #sap #wifi

CVE-2017-17806

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HASH) and the SHA-3 hash algorithm (CONFIG_CRYPTO_SHA3) to cause a kernel stack buffer overflow by executing a crafted sequence of system calls that encounter a missing SHA-3 initialization.

7 years ago

CVE

Open in Source

#vulnerability #ios #mac #google #linux #git #intel #c++#perl #samba #pdf #vmware #bios #buffer_overflow #acer #auth #xiaomi #ibm #rpm

CVE-2017-14266: Offensive Security’s Exploit Database Archive

tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.

7 years ago

CVE

Open in Source

#vulnerability #mac #ubuntu #linux #c++#buffer_overflow #auth #ibm

CVE-2015-5195: Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in NTP

It was found that ntpd would exit with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) was referenced by the statistics or filegen configuration command.

7 years ago

CVE

Open in Source

#vulnerability #web #dos #auth #ibm

CVE-2015-5180: Siddhesh Poyarekar - The GNU C Library version 2.25 is now available

CVE-2015-5180 glibc: DNS resolver NULL pointer dereference with crafted record type

7 years ago

CVE

Open in Source