Novell : Security Vulnerabilities, CVEs, Published In 2014 (Denial of service) CVSS score >= 3
The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.
Max CVSS
5.5
EPSS Score
0.06%
Published
2014-11-10
Updated
2020-08-13
The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.
Max CVSS
5.5
EPSS Score
0.04%
Published
2014-10-13
Updated
2020-08-14
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.
Max CVSS
5.5
EPSS Score
0.06%
Published
2014-11-10
Updated
2023-02-13
The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.
Max CVSS
7.8
EPSS Score
9.16%
Published
2014-11-10
Updated
2023-02-13
The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
Max CVSS
10.0
EPSS Score
9.23%
Published
2014-09-05
Updated
2017-08-29
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.
Max CVSS
4.9
EPSS Score
0.05%
Published
2014-09-28
Updated
2023-02-13
6 vulnerabilities found