Hannes Frederic Sowa

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.14.2 **Description** The issue is related to the xfs da3 fixhashpath function in the xfs implementation, which does not properly compare btree hash values. This allows local users to cause a denial of service, resulting in filesystem corruption, and potentially leading to an OOPS or panic, via operations on directories that have hash collisions. An example of such an operation is an rmdir operation. **Recommendations** For Linux kernel versions prior to 3.14.2, update to version 3.14.2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.12.4 **Description** The issue allows local users to obtain sensitive information from kernel memory. This is achieved through the `packet recvmsg` function, which updates a certain length value before ensuring that an associated data structure has been initialized. The sensitive information can be obtained via a `(1) recvfrom`, `(2) recvmmsg`, or `(3) recvmsg` system call. **Recommendations** For Linux kernel versions prior to 3.12.4, update to version 3.12.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.12.4 **Description** The issue allows local users to obtain sensitive information from kernel memory. This is possible due to the `x25 recvmsg` function updating a certain length value without ensuring that an associated data structure has been initialized. The sensitive information can be obtained via a `(1) recvfrom`, `(2) recvmmsg`, or `(3) recvmsg` system call. **Recommendations** For Linux kernel versions prior to 3.12.4, update to version 3.12.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.12.4 **Description** The issue allows local users to obtain sensitive information from kernel memory. This can be achieved through certain system calls, including `recvfrom`, `recvmmsg`, or `recvmsg`. The `mISDN sock recvmsg` function in the Linux kernel does not properly validate a length value against the size of an associated data structure, leading to this information disclosure. **Recommendations** For Linux kernel versions prior to 3.12.4, update to version 3.12.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.3.3 **Description** The issue allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field in the ext4 journal stop function. **Recommendations** For versions prior to 4.3.3, update to version 4.3.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.12 **Description** The issue allows local users to cause a denial of service, resulting in memory corruption and system crash, or possibly gain privileges. This is achieved through a crafted application that uses the UDP CORK option in a setsockopt system call and sends both short and long packets. The problem is related to the `ip ufo append data` function in net/ipv4/ip output.c and the `ip6 ufo append data` function in net/ipv6/ip6 output.c. **Recommendations** For Linux kernel versions prior to 3.12, update to version 3.12 or later to resolve the issue. As a temporary workaround, consider disabling UDP Fragmentation Offload (UFO) until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.10.1 **Description** The issue is related to the handling of Router Advertisement (RA) messages in the IPv6 stack. Specifically, the fib6 add rt2node function in net/ipv6/ip6 fib.c does not properly handle certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred for one of the first two routes. This can be exploited by remote attackers to cause a denial of service (system crash) via a crafted sequence of messages. **Recommendations** For Linux kernel versions prior to 3.10.1, update to version 3.10.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 3.10 **Description** The issue allows local users to cause a denial of service, resulting in a system crash. This occurs when using an AF INET6 socket for a connection to an IPv4 interface, specifically due to the `ip6 sk dst check` function in `net/ipv6/ip6 output.c`. **Recommendations** For versions prior to 3.10, update to version 3.10 or later to resolve the issue.