The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of QRadar SIEM

computer threat alert CVE-2017-6214

Linux kernel: infinite loop via tcp_splice_read

Synthesis of the vulnerability

An attacker can generate an infinite loop via tcp_splice_read() on the Linux kernel, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 24/02/2017.
Identifiers: 2011728, CERTFR-2017-AVI-128, CERTFR-2017-AVI-141, CERTFR-2017-AVI-162, CERTFR-2017-AVI-282, CERTFR-2017-AVI-307, CERTFR-2017-AVI-311, CVE-2017-6214, DLA-849-1, DSA-3804-1, K81211720, openSUSE-SU-2017:0906-1, openSUSE-SU-2017:0907-1, RHSA-2017:1372-01, RHSA-2017:1615-01, RHSA-2017:1616-01, SA148, SUSE-SU-2017:1183-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1301-1, SUSE-SU-2017:1360-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2525-1, USN-3265-1, USN-3265-2, USN-3361-1, USN-3422-1, USN-3422-2, VIGILANCE-VUL-21953.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate an infinite loop via tcp_splice_read() on the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat announce CVE-2016-3013 CVE-2016-3052 CVE-2016-8915

IBM WebSphere MQ: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of IBM WebSphere MQ.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 6.
Creation date: 21/02/2017.
Identifiers: 1995099, 1998647, 1998648, 1998649, 1998660, 1998661, 1998663, 1998797, 2015824, CVE-2016-3013, CVE-2016-3052, CVE-2016-8915, CVE-2016-8971, CVE-2016-8986, CVE-2016-9009, VIGILANCE-VUL-21920.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in IBM WebSphere MQ.

An attacker can trigger a fatal error via Invalid Channel Protocol, in order to trigger a denial of service. [severity:2/4; 1998649, CVE-2016-8915]

An attacker can generate a buffer overflow via Channel Data Conversion, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 1998661, CVE-2016-3013]

An attacker can trigger a fatal error via MQXR Listener, in order to trigger a denial of service. [severity:2/4; 1998648, CVE-2016-8986]

An attacker can bypass security features via Java Clients, in order to obtain sensitive information. [severity:2/4; 1998660, CVE-2016-3052]

An attacker can force a read at an invalid address via Administration Command, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; 1998663, CVE-2016-8971]

An attacker can trigger a fatal error via Cluster Channel Definition, in order to trigger a denial of service. [severity:2/4; 1998647, CVE-2016-9009]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2017-6001

Linux kernel: privilege escalation via sys_perf_event_open

Synthesis of the vulnerability

An attacker can bypass restrictions via sys_perf_event_open() on the Linux kernel, in order to escalate his privileges.
Severity: 2/4.
Creation date: 20/02/2017.
Identifiers: 2011746, CERTFR-2017-AVI-169, CERTFR-2017-AVI-287, CVE-2017-6001, DLA-833-1, DSA-3791-1, K24578092, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, RHSA-2018:1854-01, USN-3312-1, USN-3312-2, USN-3361-1, VIGILANCE-VUL-21902.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via sys_perf_event_open() on the Linux kernel, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

security alert CVE-2017-5970

Linux kernel: NULL pointer dereference via ipv4_pktinfo_prepare

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via ipv4_pktinfo_prepare() on the Linux kernel, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 13/02/2017.
Identifiers: 2011746, CERTFR-2017-AVI-060, CERTFR-2017-AVI-128, CERTFR-2017-AVI-282, CERTFR-2017-AVI-287, CERTFR-2017-AVI-307, CERTFR-2017-AVI-311, CVE-2017-5970, DLA-922-1, DSA-3791-1, FEDORA-2017-0054c7b1f0, FEDORA-2017-787bc0d5b4, K60104355, openSUSE-SU-2017:0541-1, openSUSE-SU-2017:0547-1, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, SA148, SUSE-SU-2017:0517-1, SUSE-SU-2017:0575-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1301-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2525-1, USN-3265-1, USN-3265-2, USN-3361-1, USN-3422-1, USN-3422-2, VIGILANCE-VUL-21801.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via ipv4_pktinfo_prepare() on the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2017-2596

Linux kernel: memory leak via KVM VMXON

Synthesis of the vulnerability

An attacker, inside a guest system, can create a memory leak via KVM VMXON on the Linux kernel, in order to trigger a denial of service on the host system.
Severity: 1/4.
Creation date: 31/01/2017.
Identifiers: 2011746, CERTFR-2017-AVI-141, CERTFR-2017-AVI-158, CERTFR-2017-AVI-169, CVE-2017-2596, DSA-3791-1, FEDORA-2017-392b319bb5, FEDORA-2017-472052ebe5, openSUSE-SU-2017:0906-1, openSUSE-SU-2017:0907-1, RHSA-2017:1842-01, RHSA-2017:2077-01, SUSE-SU-2017:1183-1, SUSE-SU-2017:1990-1, USN-3293-1, USN-3312-1, USN-3312-2, USN-3361-1, VIGILANCE-VUL-21722.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can create a memory leak via KVM VMXON on the Linux kernel, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

security vulnerability CVE-2016-2183 CVE-2016-5546 CVE-2016-5547

Oracle Java: vulnerabilities of January 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Oracle Java.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 17.
Creation date: 18/01/2017.
Identifiers: 1998379, 1998858, 1999054, 1999999, 2000212, 2000304, 2000516, 2000544, 2000602, 2000988, 2000990, 2001608, 2002331, 2002335, 2002336, 2002479, 2002537, 2002966, 2002991, 2003145, 2004036, 2004938, 2007242, bulletinapr2017, CERTFR-2017-AVI-017, cpujan2017, CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3260, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289, DLA-802-1, DLA-821-1, DSA-2019-131, DSA-3782-1, ERPSCAN-17-006, ESA-2017-051, FEDORA-2017-4cb58f0bda, FEDORA-2017-c1252ccd41, ibm10718843, java_jan2017_advisory, NTAP-20170119-0001, openSUSE-SU-2017:0374-1, openSUSE-SU-2017:0513-1, RHSA-2017:0175-01, RHSA-2017:0176-01, RHSA-2017:0177-01, RHSA-2017:0180-01, RHSA-2017:0263-01, RHSA-2017:0269-01, RHSA-2017:0336-01, RHSA-2017:0337-01, RHSA-2017:0338-01, RHSA-2017:0462-01, SB10186, SUSE-SU-2017:0346-1, SUSE-SU-2017:0460-1, SUSE-SU-2017:0490-1, SUSE-SU-2017:1444-1, USN-3179-1, USN-3194-1, USN-3198-1, VIGILANCE-VUL-21606, ZDI-17-056, ZDI-17-057.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Oracle Java.

An attacker can use a vulnerability via Hotspot, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2017-3289, ZDI-17-057]

An attacker can use a vulnerability via Libraries, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2017-3272, ZDI-17-056]

An attacker can use a vulnerability via RMI, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2017-3241]

An attacker can use a vulnerability via AWT, in order to obtain information, to alter information, or to trigger a denial of service. [severity:3/4; CVE-2017-3260]

An attacker can use a vulnerability via 2D, in order to trigger a denial of service. [severity:3/4; CVE-2017-3253]

An attacker can use a vulnerability via Libraries, in order to alter information. [severity:3/4; CVE-2016-5546]

An attacker can use a vulnerability via Libraries, in order to obtain information. [severity:2/4; CVE-2016-5549]

An attacker can use a vulnerability via Libraries, in order to obtain information. [severity:2/4; CVE-2016-5548]

An attacker can use a vulnerability via JAAS, in order to alter information. [severity:2/4; CVE-2017-3252]

An attacker can use a vulnerability via Java Mission Control, in order to obtain information. [severity:2/4; CVE-2017-3262]

An attacker can use a vulnerability via Libraries, in order to trigger a denial of service. [severity:2/4; CVE-2016-5547]

An attacker can use a vulnerability via Networking, in order to alter information. [severity:2/4; CVE-2016-5552]

An attacker can use a vulnerability via Networking, in order to obtain information. [severity:2/4; CVE-2017-3231]

An attacker can use a vulnerability via Networking, in order to obtain information. [severity:2/4; CVE-2017-3261]

An attacker can use a vulnerability via Deployment, in order to obtain information. [severity:1/4; CVE-2017-3259]

An attacker can use a vulnerability via Java Mission Control, in order to alter information. [severity:1/4; CVE-2016-8328]

An attacker can use a vulnerability via Libraries, in order to obtain information. [severity:1/4; CVE-2016-2183]
Full Vigil@nce bulletin... (Free trial)

computer weakness note CVE-2016-10147

Linux kernel: NULL pointer dereference via mcryptd

Synthesis of the vulnerability

A local attacker can force a NULL pointer to be dereferenced via mcryptd in the Linux kernel, in order to trigger a denial of service.
Severity: 2/4.
Creation date: 17/01/2017.
Identifiers: 2011746, CERTFR-2017-AVI-039, CERTFR-2017-AVI-045, CVE-2016-10147, openSUSE-SU-2017:0458-1, RHSA-2017:1842-01, RHSA-2017:2077-01, USN-3189-1, USN-3189-2, USN-3190-1, USN-3190-2, VIGILANCE-VUL-21596.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Linux kernel includes an implementation of cryptographic algorithms, which is callable from the user space via a socket of address type AF_ALG.

However, in the source file "mcryptd.c", the algorithm name is not validated. When an unknown name is specified, a newly allocated structure keeps a NULL pointer until an attempt to use it.

A local attacker can therefore force a NULL pointer to be dereferenced via mcryptd in the Linux kernel, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2016-10088

Linux kernel: memory corruption via blk_rq_map_user_iov

Synthesis of the vulnerability

An attacker can generate a memory corruption via blk_rq_map_user_iov() on the Linux kernel, in order to trigger a denial of service, and possibly to run code. This vulnerability originates from an incomplete fix for VIGILANCE-VUL-21339.
Severity: 2/4.
Creation date: 02/01/2017.
Identifiers: 2011746, CERTFR-2017-AVI-034, CERTFR-2017-AVI-042, CERTFR-2017-AVI-044, CERTFR-2017-AVI-050, CERTFR-2017-AVI-053, CERTFR-2017-AVI-054, CERTFR-2017-AVI-058, CERTFR-2017-AVI-131, CERTFR-2017-AVI-233, CERTFR-2017-AVI-287, CVE-2016-10088, DLA-772-1, K54610514, openSUSE-SU-2017:0458-1, RHSA-2017:0817-01, RHSA-2017:1842-01, RHSA-2017:2077-01, RHSA-2017:2669-01, SUSE-SU-2017:0333-1, SUSE-SU-2017:0407-1, SUSE-SU-2017:0437-1, SUSE-SU-2017:0464-1, SUSE-SU-2017:0471-1, SUSE-SU-2017:0494-1, SUSE-SU-2017:1102-1, USN-3208-1, USN-3208-2, USN-3209-1, USN-3360-1, USN-3360-2, VIGILANCE-VUL-21494.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a memory corruption via blk_rq_map_user_iov() on the Linux kernel, in order to trigger a denial of service, and possibly to run code. This vulnerability originates from an incomplete fix for VIGILANCE-VUL-21339.
Full Vigil@nce bulletin... (Free trial)

cybersecurity threat CVE-2016-9878

Spring Framework: directory traversal via ResourceServlet

Synthesis of the vulnerability

An attacker can traverse directories via ResourceServlet of Spring Framework, in order to read a file outside the service root path.
Severity: 2/4.
Creation date: 22/12/2016.
Identifiers: 1996375, 2015813, CST-7122, CST-7123, CST-7124, CST-7125, CST-7126, CST-7127, CST-7128, CST-7129, CST-7130, CST-7131, CVE-2016-9878, DLA-1853-1, FEDORA-2016-f341d71730, RHSA-2017:3115-01, VIGILANCE-VUL-21453.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Spring Framework product offers a web service.

However, user's data are directly inserted in an access path. Sequences such as "/.." can thus be used to go in the upper directory.

An attacker can therefore traverse directories via ResourceServlet of Spring Framework, in order to read a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)

computer weakness bulletin CVE-2016-9588

Linux kernel: denial of service via KVM

Synthesis of the vulnerability

An attacker, inside a guest system, on a host using twice the KVM virtualization, can generate a fatal error in the Linux kernel, in order to trigger a denial of service on the host system.
Severity: 1/4.
Creation date: 15/12/2016.
Identifiers: 2011746, CERTFR-2017-AVI-058, CERTFR-2017-AVI-162, CERTFR-2018-AVI-557, CVE-2016-9588, DLA-849-1, DSA-3804-1, FEDORA-2016-2b1f91e9bd, FEDORA-2016-dd895763ac, RHSA-2017:1842-01, RHSA-2017:2077-01, SUSE-SU-2017:1247-1, SUSE-SU-2017:1360-1, USN-3208-1, USN-3208-2, USN-3209-1, USN-3822-1, USN-3822-2, VIGILANCE-VUL-21389.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, on a host using twice the KVM virtualization, can generate a fatal error in the Linux kernel, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about QRadar SIEM: