|
|
Subscribe / Log in / New account

kernel: two vulnerabilities

Package(s):kernel CVE #(s):CVE-2004-0230 CVE-2016-9685
Created:January 31, 2017 Updated:February 1, 2017
Description: From the CVE entries:

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. (CVE-2004-0230)

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations. (CVE-2016-9685)

Alerts:
SUSE SUSE-SU-2017:0494-1 the Linux Kernel 2017-02-17
Ubuntu USN-3187-2 linux-ti-omap4 2017-02-09
SUSE SUSE-SU-2017:0437-1 the Linux Kernel 2017-02-09
Ubuntu USN-3187-1 kernel 2017-02-03
SUSE SUSE-SU-2017:0333-1 kernel 2017-01-30
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds