The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

kernel: ppp: reject claimed-as-LCP but actually malformed packets

The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...

CVE-2024-21416

Windows TCP/IP Remote Code Execution Vulnerability...

PT-2024-6255 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a buffer overflow in the TCP/IP protocol implementation in Windows operating systems. This can be exploited by a remote attacker to execute arbitrary code. The...

kernel: ppp: reject claimed-as-LCP but actually malformed packets

The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...

kernel: ppp: reject claimed-as-LCP but actually malformed packets

The vulnerability was found in the Linux kernel's ppp pppgeneric.c driver, in the pppread and pppwrite functions where malformed packets were erroneously identified as LCP packets, leading to potential issues with packet handling. This flaw could potentially lead to system instability...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible concurrent execution of the tcpskexitbatch function of the tcp component...

kernel: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().

A security vulnerability has been identified in the TCP networking implementation of the Linux kernel. Specifically, the dctcpupdatealpha function is susceptible to a shift-out-of-bounds condition. This flaw could potentially be exploited to cause unexpected behavior or a denial-of-service...

kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().

A use-after-free flaw was found in the Linux kernel’s TCP protocol in how a local user triggers a complex race condition during connection to the socket. This flaw allows a local user to crash or potentially escalate their privileges on the system...

DEBIAN-CVE-2024-44935

In the Linux kernel, the following vulnerability has been resolved: sctp: Fix null-ptr-deref in reuseportaddsock. syzbot reported a null-ptr-deref while accessing sk2-skreuseportcb in reuseportaddsock. 0 The repro first creates a listener with SOREUSEPORT. Then, it creates another listener on the...

UBUNTU-CVE-2022-48909

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smcrelease smcconnectwork if sk-skstate == SMCINIT sendclcconfirim tcpabort; ... sk.skstate = SMCACTIVE smccloseactive...

kernel: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().

A use-after-free flaw was found in the Linux kernel’s TCP protocol in how a local user triggers a complex race condition during connection to the socket. This flaw allows a local user to crash or potentially escalate their privileges on the system...

The vulnerability of the sctp_sock_dump() function in the Linux operating system’s SCTP kernel component, which allows a hacker to cause a service failure

The vulnerability of the sctpsockdump function in the Linux operating system’s SCTP kernel component is related to the use of callrcu for memory release. Exploiting this vulnerability could allow an attacker to trigger a service failure...

tcp: avoid too many retransmit packets

...

CVE-2024-42154

...

A flood of DNS messages over TCP may make the server unstable

...

edk2: Predictable TCP Initial Sequence Numbers

A security flaw has been identified in EDK2, the open-source reference implementation of the UEFI specification. This vulnerability enables an unauthorized attacker to potentially disclose sensitive information...

kernel: tcp: make sure init the accept_queue's spinlocks once

In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the acceptqueue's spinlocks once When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...

kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets

In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...

kernel: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets

In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...