CVE Summary
The following CVE are available for all releases offered through Unbreakable Linux Network (ULN).
Synopsis
CVE-2105-1331** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.2017-05-12
CVE-2017-9800A maliciously constructed svn+ssh:// URL would cause Subversionclients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.2017-08-10
CVE-2017-9798Apache httpd allows remote attackers to read secret data from processmemory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.2017-09-18
CVE-2017-9788 In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the valueplaceholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service. 2017-07-11
CVE-2017-9776Integer overflow leading to Heap buffer overflow in JBIG2Stream.cc inpdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.2017-06-21
CVE-2017-9775Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before0.56 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document.2017-06-21
CVE-2017-9524** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-05-26
CVE-2017-9462In Mercurial before 4.1.3, hg serve --stdio allows remoteauthenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. 2017-04-18
CVE-2017-9461 smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial ofservice vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks. 2017-02-16
CVE-2017-9287 servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone toa double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. 2017-05-17
CVE-2017-9242The __ip6_append_data function in net/ipv6/ip6_output.c in the Linuxkernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.2017-05-19
CVE-2017-9148The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS. 2017-05-08
CVE-2017-9077 The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. 2017-05-10
CVE-2017-9076 The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. 2017-05-10
CVE-2017-9075 The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linuxkernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. 2017-05-17
CVE-2017-9074 The IPv6 fragmentation implementation in the Linux kernel through4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. 2017-05-16
CVE-2017-8932 A bug in the standard library ScalarMult implementation of curve P-256for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries. 2017-05-23
CVE-2017-8905Xen through 4.6.x on 64-bit platforms mishandles a failsafe callback,which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-215. 2017-05-02
CVE-2017-8904Xen through 4.8.x mishandles the contains2017-05-02
CVE-2017-8903Xen through 4.8.x on 64-bit platforms mishandles page tables after anIRET hypercall, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-213. 2017-05-02
CVE-2017-8890 The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c inthe Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. 2017-05-09
CVE-2017-8797 The NFSv4 server in the Linux kernel before 4.11.3 does not properlyvalidate the layout type when processing the NFSv4 pNFS GETDEVICEINFO or LAYOUTGET operand in a UDP packet from a remote attacker. This type value is uninitialized upon encountering certain error conditions. This value is used as an array index for dereferencing, which leads to an OOPS and eventually a DoS of knfsd and a soft-lockup of the whole system. 2017-06-27
CVE-2017-8779rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service (memory consumption with no subsequent free) via a crafted UDP packet to port 111, aka rpcbomb. 2017-05-03
CVE-2017-8422KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users togain root privileges by spoofing a callerID and leveraging a privileged helper app. 2017-05-10
CVE-2017-8386 git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character. 2017-05-05
CVE-2017-8291Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass andremote command execution via .rsdparams type confusion with a /OutputFile (%pipe% substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017. 2017-04-26
CVE-2017-7980** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-03-15
CVE-2017-7895The NFSv2 and NFSv3 server implementations in the Linux kernel through4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.2017-04-28
CVE-2017-7889 The mm subsystem in the Linux kernel through 4.10.10 does not properlyenforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c. 2017-04-05
CVE-2017-7870 LibreOffice before 2017-01-02 has an out-of-bounds write caused by aheap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. 2017-01-10
CVE-2017-7869 GnuTLS before 2017-02-20 has an out-of-bounds write caused by aninteger overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. 2017-04-14
CVE-2017-7824 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7823 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7819 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7818 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7814 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7810 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7809 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-09
CVE-2017-7807 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7805 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7803 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7802 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7801 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7800 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7798 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7793 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-09-28
CVE-2017-7792 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7791 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7787 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
CVE-2017-7786 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2017-08-08
1 - 50Next

Copyright (c) 2015, 2017, Oracle Corporation. All Rights Reserved.