CVE-2020-12819

A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode i...

PT-2024-36787 · Matter · Matter

Name of the Vulnerable Software and Affected Versions: Matter aka connectedhomeip or Project CHIP versions 1.4.0.0 and earlier, before 27ca6ec Description: The issue is related to a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial ...

TCP-Vuln-Report

TCP-Vuln-Repor...

CVE-2024-50154

...

CVE-2024-49944

...

CVE-2024-50083

...

CVE-2024-50299

...

The vulnerability of the IQ microprogramming software-based Lorex 2K Indoor Wi-Fi Security Camera allows a intruder to escalate their privileges to root level and gain full access to the device.

The vulnerability of the IQ microprogrammed IP camera system from Lorex 2K Indoor Wi-Fi Security Camera lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to elevate their privileges to root and gain full acce...

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...

The vulnerability of the TCP component in the Linux operating system’s kernel allows attackers to carry out attacks by replacing certain components.

The vulnerability of the TCP component in the Linux operating system’s kernel is related to errors in information representation by the user interface. Exploiting this vulnerability can allow an attacker to carry out an attack through substitution methods...

kernel: nvme-tcp: fix UAF when detecting digest errors

A use-after-free vulnerability was found in the Linux kernel in drivers/nvme/host/tcp.c in nvmetcpiowork. This issue can occur when a local user continues to read data after the connection finishes. This flaw allows a malicious user to cause a use-after-free problem...

The vulnerability of the TCP component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the TCP component in the Linux operating system’s kernel is related to improper locking of resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE CVE-2024-50299

In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctpsfootb A size validation fix similar to that in Commit 50619dbf8db7 "sctp: add size validation when walking chunks" is also required in sctpsfootb to address a crash reported by syzbot:...

UBUNTU-CVE-2024-50299

In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctpsfootb A size validation fix similar to that in Commit 50619dbf8db7 "sctp: add size validation when walking chunks" is also required in sctpsfootb to address a crash reported by syzbot:...

Cisco BroadWorks 资源管理错误漏洞

Cisco BroadWorks is a carrier-grade unified communications software platform from Cisco. It is used to deploy cloud calls from public network platforms on any type of wired or wireless network architecture. A resource management error vulnerability exists in Cisco BroadWorks that stems from certa...

XINJE XD5E和XINJE XL5E 安全漏洞

XINJE XD5E and XINJE XL5E are both products of China XINJE Corporation.XINJE XD5E is a PLC.XINJE XL5E is a PLC. A security vulnerability exists in the XINJE XD5E and XINJE XL5E version 3.5.3b that originates from a vulnerability that allows an attacker to cause a denial of service via a specially...

PT-2024-34470 · Xinje · Xinje Xl5E-16T +1

Name of the Vulnerable Software and Affected Versions: XINJE XD5E-24R version 3.5.3b XINJE XL5E-16T version 3.5.3b Description: An issue in how XINJE controllers handle TCP protocol messages allows attackers to cause a Denial of Service DoS via a crafted TCP message. Recommendations: For XINJE...

kernel: tcp: make sure init the accept_queue's spinlocks once

In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the acceptqueue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...

kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets

In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...

kernel: tcp: avoid too many retransmit packets

A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...