exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

CVE-2011-2723

Status Candidate

Overview

The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic.

Related Files

HP Security Bulletin HPSBGN02970
Posted Mar 11, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02970 - Potential vulnerabilities have been identified with HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment. The vulnerabilities could be exploited remotely affecting confidentiality, integrity and availability. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2010-4008, CVE-2010-4494, CVE-2011-2182, CVE-2011-2213, CVE-2011-2492, CVE-2011-2518, CVE-2011-2689, CVE-2011-2723, CVE-2011-3188, CVE-2011-4077, CVE-2011-4110, CVE-2012-0058, CVE-2012-0879, CVE-2012-1088, CVE-2012-1179, CVE-2012-2137, CVE-2012-2313, CVE-2012-2372, CVE-2012-2373, CVE-2012-2375, CVE-2012-2383, CVE-2012-2384, CVE-2013-6205, CVE-2013-6206
MD5 | c2d608f9e9d50c7f6de2082d32f781db
Red Hat Security Advisory 2012-0010-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0010-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted. The way fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload functionality on were handled could allow a remote attacker to cause a denial of service.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2011-1162, CVE-2011-2494, CVE-2011-2723, CVE-2011-2898, CVE-2011-3188, CVE-2011-3191, CVE-2011-3353, CVE-2011-3359, CVE-2011-3363, CVE-2011-3637, CVE-2011-4081, CVE-2011-4110, CVE-2011-4132, CVE-2011-4326
MD5 | fef4d4e68b2f0a6500318db2dfce9ac7
Red Hat Security Advisory 2011-1408-01
Posted Oct 26, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1408-01 - An updated rhev-hypervisor package that fixes several security issues is now available. The RHBA-2011:1254 update introduced a regression in the Linux kernel's Ethernet bridge implementation. If a system had an interface in a bridge, and an attacker on the local network could send packets to that interface, they could cause a denial of service on that system. A flaw in the Linux kernel could lead to GRO (Generic Receive Offload) fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service. GRO is enabled by default in all network drivers that support it. Various other issues have also been addressed.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-2723, CVE-2011-2942, CVE-2011-3188, CVE-2011-3347
MD5 | a6626ef2f7a1bc04148e8a03ff724275
Ubuntu Security Notice USN-1246-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1246-1 - Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP requests. If a system was using Bluetooth, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-2213, CVE-2011-2497, CVE-2011-2695, CVE-2011-2700, CVE-2011-2723, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
MD5 | 7c7f25407535036c70e0426c08f4c579
Ubuntu Security Notice USN-1241-1
Posted Oct 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1241-1 - It was discovered that the Stream Control Transmission Protocol (SCTP) implementation incorrectly calculated lengths. If the net.sctp.addip_enable variable was turned on, a remote attacker could send specially crafted traffic to crash the system. Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, protocol
systems | linux, ubuntu
advisories | CVE-2011-1573, CVE-2011-1576, CVE-2011-1776, CVE-2011-2213, CVE-2011-2494, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2525, CVE-2011-2695, CVE-2011-2723, CVE-2011-2905, CVE-2011-2909, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191, CVE-2011-3363
MD5 | 447c461aca2cec9be3fb95e5c596cd81
Red Hat Security Advisory 2011-1386-01
Posted Oct 20, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1386-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The maximum file offset handling for ext4 file systems could allow a local, unprivileged user to cause a denial of service. IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. Various other issues in the kernel have also been addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2009-4067, CVE-2011-1160, CVE-2011-1585, CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-2695, CVE-2011-2699, CVE-2011-2723, CVE-2011-2942, CVE-2011-3131, CVE-2011-3188, CVE-2011-3191, CVE-2011-3209, CVE-2011-3347
MD5 | 501de34ecdb0786ceee3492c07b05128
Ubuntu Security Notice USN-1228-1
Posted Oct 12, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1228-1 - Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, root
systems | linux, ubuntu
advisories | CVE-2011-1776, CVE-2011-2213, CVE-2011-2497, CVE-2011-2695, CVE-2011-2700, CVE-2011-2723, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
MD5 | 342cc180d5cecac8d3b0c419772eaabf
Ubuntu Security Notice USN-1227-1
Posted Oct 12, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1227-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1776, CVE-2011-1833, CVE-2011-2213, CVE-2011-2497, CVE-2011-2699, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918, CVE-2011-2928, CVE-2011-3191
MD5 | 9a2337043e81a33d9037f7ecaaaa557b
Red Hat Security Advisory 2011-1350-01
Posted Oct 6, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1350-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Flaws in the AGPGART driver implementation when handling certain IOCTL commands could allow a local user to cause a denial of service or escalate their privileges. An integer overflow flaw in agp_allocate_memory() could allow a local user to cause a denial of service or escalate their privileges.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-1160, CVE-2011-1745, CVE-2011-1746, CVE-2011-1833, CVE-2011-2022, CVE-2011-2484, CVE-2011-2496, CVE-2011-2521, CVE-2011-2723, CVE-2011-2898, CVE-2011-2918
MD5 | 79a99725db7b874bbfbfc554b61f3e78
Ubuntu Security Notice USN-1220-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1220-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1776, CVE-2011-2213, CVE-2011-2497, CVE-2011-2700, CVE-2011-2723, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
MD5 | c545d8cb75d14184310084cc7b87d4dd
Ubuntu Security Notice USN-1219-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1219-1 - Ryan Sweat discovered that the kernel incorrectly handled certain VLAN packets. On some systems, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1576, CVE-2011-1776, CVE-2011-1833, CVE-2011-2213, CVE-2011-2497, CVE-2011-2699, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918, CVE-2011-2928, CVE-2011-3191
MD5 | 678fa3f9121155e428082acdf2e3e5ee
Ubuntu Security Notice USN-1218-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1218-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
MD5 | 35d3d5b3963807dd2b342cfa8593fb78
Ubuntu Security Notice USN-1216-1
Posted Sep 27, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1216-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
MD5 | d6d6c466b796642d016c36b4c6cc7088
Red Hat Security Advisory 2011-1321-01
Posted Sep 21, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1321-01 - The kernel packages contain the Linux kernel. A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-2723
MD5 | bd7dc69e9df6d005d74147502fb473e1
Ubuntu Security Notice USN-1208-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1208-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
MD5 | 57d4e528333832d919fb9f1a2804ac7c
Ubuntu Security Notice USN-1203-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1203-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
MD5 | 59ef0609ac282a93e71fd9078631cbaf
Debian Security Advisory 2303-2
Posted Sep 11, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2303-2 - The linux-2.6 and user-mode-linux upgrades from DSA-2303-1 has caused a regression that can result in an oops during invalid accesses to /proc/<pid>/maps files.

tags | advisory
systems | linux, debian
advisories | CVE-2011-1020, CVE-2011-1576, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2525, CVE-2011-2700, CVE-2011-2723, CVE-2011-2905, CVE-2011-2909, CVE-2011-2918, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
MD5 | 9318148db756c5f402f4dfdd1f2988ea
Debian Security Advisory 2303-1
Posted Sep 9, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2303-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2011-1020, CVE-2011-1576, CVE-2011-2484, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2496, CVE-2011-2497, CVE-2011-2517, CVE-2011-2525, CVE-2011-2700, CVE-2011-2723, CVE-2011-2905, CVE-2011-2909, CVE-2011-2918, CVE-2011-2928, CVE-2011-3188, CVE-2011-3191
MD5 | 917e363aeecf249e485568a28a642067
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close