Canonical » Ubuntu Linux » 12.04 esm : Security Vulnerabilities, CVEs, Published In 2017 (Denial of service)
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
Max CVSS
7.4
EPSS Score
0.25%
Published
2017-12-11
Updated
2019-05-14
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly have unspecified other impact by sending crafted data to the daemon.
Max CVSS
9.8
EPSS Score
8.67%
Published
2017-11-06
Updated
2020-05-01
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.
Max CVSS
7.8
EPSS Score
0.04%
Published
2017-11-15
Updated
2023-01-19
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.
Max CVSS
9.1
EPSS Score
4.77%
Published
2017-05-01
Updated
2020-07-29
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
Max CVSS
7.1
EPSS Score
0.95%
Published
2017-02-03
Updated
2024-01-10
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
Max CVSS
7.5
EPSS Score
5.14%
Published
2017-01-13
Updated
2020-06-18
The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.
Max CVSS
8.8
EPSS Score
1.66%
Published
2017-02-13
Updated
2019-08-06
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
Max CVSS
7.7
EPSS Score
0.58%
Published
2017-04-13
Updated
2020-09-09
8 vulnerabilities found