Lucene search

Veracode Vulnerability DatabaseVERACODE:18234

HistoryMay 02, 2019 - 6:36 a.m.

Denial Of Service (DOS)

2019-05-0206:36:11

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

Linux kernel is vulnerable to the Linux kernel since 3.6-rc1 with ‘net.ipv4.tcp_fastopen’ set to 1 can hit BUG() statement in tcp_collapse() function after making a number of certain syscalls. Local users could cause an application crash via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.

CPENameOperatorVersion
kernel-rteq3.0.36__rt57.66.el6rt
kernel-rteq3.10.0__229.rt56.162.el6rt
kernel-rteq3.10.0__327.rt56.198.el6rt
kernel-rteq3.10.0__229.rt56.153.el6rt
kernel-rteq3.0.9__rt26.46.el6rt
kernel-rteq3.10.0__327.rt56.195.el6rt
kernel-rteq3.10.0__514.rt56.231.el6rt
kernel-rteq3.8.13__rt14.20.el6rt
kernel-rteq3.10.0__327.rt56.197.el6rt
kernel-rteq3.10.0__514.rt56.210.el6rt

Name	Operator	Version
kernel-rt	eq	3.0.36__rt57.66.el6rt
kernel-rt	eq	3.10.0__229.rt56.162.el6rt
kernel-rt	eq	3.10.0__327.rt56.198.el6rt
kernel-rt	eq	3.10.0__229.rt56.153.el6rt
kernel-rt	eq	3.0.9__rt26.46.el6rt
kernel-rt	eq	3.10.0__327.rt56.195.el6rt
kernel-rt	eq	3.10.0__514.rt56.231.el6rt
kernel-rt	eq	3.8.13__rt14.20.el6rt
kernel-rt	eq	3.10.0__327.rt56.197.el6rt
kernel-rt	eq	3.10.0__514.rt56.210.el6rt

Rows per page:

1-10 of 1021

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac6e780070e30e4c35bd395acfe9191e6268bdd3

www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.10

www.openwall.com/lists/oss-security/2016/11/11/3

www.openwall.com/lists/oss-security/2016/11/30/3

www.securityfocus.com/bid/94264

www.securitytracker.com/id/1037285

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html

access.redhat.com/errata/RHSA-2017:1842

access.redhat.com/errata/RHSA-2017:2077

access.redhat.com/errata/RHSA-2017:2669

access.redhat.com/security/cve/CVE-2016-10741

access.redhat.com/security/cve/CVE-2016-8645

access.redhat.com/security/cve/CVE-2017-2584

access.redhat.com/security/cve/CVE-2017-5551

access.redhat.com/security/cve/CVE-2017-7495

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1377840

bugzilla.redhat.com/show_bug.cgi?id=1378172

bugzilla.redhat.com/show_bug.cgi?id=1389215

bugzilla.redhat.com/show_bug.cgi?id=1393904

bugzilla.redhat.com/show_bug.cgi?id=1400188

bugzilla.redhat.com/show_bug.cgi?id=1414052

bugzilla.redhat.com/show_bug.cgi?id=1421801

bugzilla.redhat.com/show_bug.cgi?id=1421810

bugzilla.redhat.com/show_bug.cgi?id=1425780

bugzilla.redhat.com/show_bug.cgi?id=1426661

bugzilla.redhat.com/show_bug.cgi?id=1427626

bugzilla.redhat.com/show_bug.cgi?id=1427647

bugzilla.redhat.com/show_bug.cgi?id=1427991

bugzilla.redhat.com/show_bug.cgi?id=1428890

bugzilla.redhat.com/show_bug.cgi?id=1428943

bugzilla.redhat.com/show_bug.cgi?id=1429610

bugzilla.redhat.com/show_bug.cgi?id=1429640

bugzilla.redhat.com/show_bug.cgi?id=1429951

bugzilla.redhat.com/show_bug.cgi?id=1429977

bugzilla.redhat.com/show_bug.cgi?id=1430023

bugzilla.redhat.com/show_bug.cgi?id=1430038

bugzilla.redhat.com/show_bug.cgi?id=1430074

bugzilla.redhat.com/show_bug.cgi?id=1430353

bugzilla.redhat.com/show_bug.cgi?id=1430926

bugzilla.redhat.com/show_bug.cgi?id=1430946

bugzilla.redhat.com/show_bug.cgi?id=1431104

bugzilla.redhat.com/show_bug.cgi?id=1432118

bugzilla.redhat.com/show_bug.cgi?id=1434616

bugzilla.redhat.com/show_bug.cgi?id=1438512

bugzilla.redhat.com/show_bug.cgi?id=1441552

bugzilla.redhat.com/show_bug.cgi?id=1452240

bugzilla.redhat.com/show_bug.cgi?id=1459056

github.com/torvalds/linux/commit/ac6e780070e30e4c35bd395acfe9191e6268bdd3

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for VERACODE:18234