Explore top 10 tips to secure your open-source projects now. Read More
×CVE-2014-8159
It was found that the Linux kernel's InfiniBand/RDMA subsystem did
not properly sanitize input parameters while registering memory
regions from user space via the (u)verbs API. A local user with
access to a /dev/infiniband/uverbsX device could use this flaw to
crash the system or, potentially, escalate their privileges on the
system.
CVE-2014-9715
It was found that the netfilter connection tracking subsystem used
too small a type as an offset within each connection's data
structure, following a bug fix in Linux 3.2.33 and 3.6. In some
configurations, this would lead to memory corruption and crashes
(even without malicious traffic). This could potentially also
result in violation of the netfilter policy or remote code
execution.
This can be mitigated by disabling connection tracking accounting:
sysctl net.netfilter.nf_conntrack_acct=0
CVE-2015-2041
Sasha Levin discovered that the LLC subsystem exposed some variables
...
Get the latest Linux and open source security news straight to your inbox.