676 matches found
kernel: bnxt_en: Avoid order-5 memory allocation for TPA data
In the Linux kernel, the following vulnerability has been resolved: bnxten: Avoid order-5 memory allocation for TPA data The driver needs to keep track of all the possible concurrent TPA GRO/LRO completions on the aggregation ring. On P5 chips, the maximum number of concurrent TPA is 256 and the...
CVE-2024-30388
An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If a specific malformed LACP packet is received by a QFX5000...
DEBIAN-CVE-2023-52611
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
UBUNTU-CVE-2023-52611
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
CVE-2023-52611
CVE-2023-52611 (Linux kernel, wifi: rtw88 SDIO): Fixes address skb_over_panic by ensuring the driver can receive more than 1536 bytes from the SDIO card. Root causes include an Amlogic A311D (G12B) SDIO controller hardware bug (DMA transfers blocked; uses SRAM up to 1536 bytes) and rtw88 not spli...
CVE-2023-52611 wifi: rtw88: sdio: Honor the host max_req_size in the RX path
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host maxreqsize in the RX path Lukas reports skboverpanic errors on his Banana Pi BPI-CM4 which comes with an Amlogic A311D G12B SoC and a RTL8822CS SDIO wifi/Bluetooth combo card. The error he observ...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR, which arises from a security flaw in Layer 2 Ethernet services that allows an unauthenticated, neighboring attacker to cause the line card's network processor to reset,...
BIT-MONGODB-2021-32037 User may trigger invariant when allowed to send commands directly to shards
An authorized user may trigger an invariant which may result in denial of service or server exit if a relevant aggregation request is sent to a shard. Usually, the requests are sent via mongos and special privileges are required in order to know the address of the shards and to log in to the shar...
BIT-MONGODB-2021-32040 Large aggregation pipelines with a specific stage can crash mongod under default configuration
It may be possible to have an extremely long aggregation pipeline in conjunction with a specific stage/operator and cause a stack overflow due to the size of the stack frames used by that stage. If an attacker could cause such an aggregation to occur, they could maliciously crash MongoDB in a DoS...
CVE-2021-47036
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
CVE-2021-47036
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
CVE-2021-47036
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
CVE-2021-47036 udp: skip L4 aggregation for UDP tunnel packets
In the Linux kernel, the following vulnerability has been resolved: udp: skip L4 aggregation for UDP tunnel packets If NETIFFGROFRAGLIST or NETIFFGROUDPFWD are enabled, and there are UDP tunnels available in the system, udpgroreceive could end-up doing L4 aggregation either SKBGSOUDPL4 or...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from the fact that if NETIFFGROFRAGLIST or NETIFFGROUDPFWD is enabled and there are available UDP tunnels in the system, udpgroreceive m...
GHSA-M43P-55RF-8C2J Deserialization of Untrusted Data in Apache Camel CassandraQL
Deserialization of Untrusted Data vulnerability in Apache Camel CassandraQL Component AggregationRepository which is vulnerable to unsafe deserialization. Under specific conditions it is possible to deserialize malicious payload.This issue affects Apache Camel: from 3.0.0 before 3.21.4, from 3.22...