1285 matches found
CVE-2024-47684
...
kernel: sctp: Fix null-ptr-deref in reuseport_add_sock().
In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...
The vulnerability of the microprogrammed software in the SIMATIC S7-200 SMART CPU family, related to uncontrolled resource consumption, allows a intruder to trigger malfunctions during maintenance operations.
The vulnerability of the microprogrammed software in the SIMATIC S7-200 SMART CPU family is related to incorrect processing of TCP packets. Exploiting this vulnerability can allow an attacker to cause malfunctions in the system remotely...
Cisco Firepower Threat Defense 安全漏洞
Cisco Firepower Threat Defense FTD is a suite of unified software that provides next-generation firewall services from Cisco USA. A security vulnerability exists in Cisco Firepower Threat Defense that originates from a logic error when processing an initial half-open TCP connection...
AZL-52914 CVE-2024-49944 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: sctp: set skstate back to CLOSED if autobind fails in sctplistenstart In sctplistenstart invoked by sctpinetlisten, it should set the skstate back to CLOSED if sctpautobind fails due to whatever reason. Otherwise, next time when...
UBUNTU-CVE-2024-49979
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from fraglist Detect tcp gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Vali...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a tcp fraglist segmentation issue in the net:gso subsystem, which could lead to a null pointer dereference...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to reset skstate to CLOSED in the sctp subsystem upon an auto-bind failure, which could result i...
CVE-2024-44991
...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
CVE-2024-3806...
The vulnerability of Juniper Networks’ Junos OS Evolved operating system, related to insufficient checking of unusual or exceptional states, allows a perpetrator to trigger a service failure.
The vulnerability of Juniper Networks’ Junos OS Evolved operating system is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending specially crafted TCP packets...
The vulnerability of the sctp_sf_do_unexpected_init() function in the Linux kernel of the SCTP protocol allows a attacker to cause a service failure.
The vulnerability of the sctpsfdounexpectedinit function in the SCTP protocol’s kernel implementation in Linux is related to a memory leak that occurs when processing invalid INIT packets. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...
PT-2024-7136
Name of the Vulnerable Software and Affected Versions Junos OS Evolved versions prior to 21.4R3-S9-EVO Junos OS Evolved versions 22.2 prior to 22.2R3-S4-EVO Junos OS Evolved version 22.4 prior to 22.4R3-S3-EVO Junos OS Evolved versions 23.2 prior to 23.2R2-S1-EVO Junos OS Evolved versions 23.4...
kernel: ppp: reject claimed-as-LCP but actually malformed packets
The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...
kernel: tcp: avoid too many retransmit packets
A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...
kernel: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
A security vulnerability has been identified in the TCP networking implementation of the Linux kernel. Specifically, the dctcpupdatealpha function is susceptible to a shift-out-of-bounds condition. This flaw could potentially be exploited to cause unexpected behavior or a denial-of-service...
kernel: ppp: reject claimed-as-LCP but actually malformed packets
The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...
kernel: tcp: avoid too many retransmit packets
A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...
kernel: ppp: reject claimed-as-LCP but actually malformed packets
The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...
kernel: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().
A security vulnerability has been identified in the TCP networking implementation of the Linux kernel. Specifically, the dctcpupdatealpha function is susceptible to a shift-out-of-bounds condition. This flaw could potentially be exploited to cause unexpected behavior or a denial-of-service...