DEBIAN-CVE-2022-1012

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem...

CVE-2022-1012

A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

SimpleNetwork 资源管理错误漏洞

SimpleNetwork is a simple TCP service. A security vulnerability exists in SimpleNetwork that stems from a double release vulnerability created via specially crafted TCP packets...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

The vulnerability of TCP modules in the software utility for processing Rsyslog logs, which allows a hacker to execute arbitrary code.

The vulnerability of TCP modules in the Rsyslog log-processing software lies in the writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of Siemens’ software and hardware-based TCP services, which allows attackers to trigger service failures.

The vulnerability of Siemens’ software and hardware TCP services is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the SEPCOS Single Package software for the Secheron SEPCOS control and protection relay allows a hacker to elevate their privileges to the level of a superuser.

The vulnerability of the SEPCOS Single Package control and protection relay software is related to weak password requirements. Exploiting this vulnerability could allow a malicious actor to elevate their privileges to superuser status through the open TCP port for SSH...

CVE-2022-30791

In CmpBlkDrvTcp of CODESYS V3 in multiple versions an uncontrolled ressource consumption allows an unauthorized attacker to block new TCP connections. Existing connections are not affected...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

The vulnerabilities of microprogrammed software in programmable logic controllers such as ILC 1x0, ILC 1x1, ILC 1x1 GSM/GPRS, ILC 3xx, AXC 1050, AXC 1050 XC, AXC 3050, RFC 480S PN 4TX, RFC 470 PN 3TX, RFC 470S PN 3TX, RFC 460R PN 3TX, RFC 460R PN 3TX-S, RFC 430 ETH-IB, RFC 450 ETH-IB, PC WORX SRT, PC WORX RT BASIC, and FC 350 PCI ETH are related to authentication process flaws. These flaws allow attackers to gain unauthorized access to protected information or compromise the integrity of that information.

The vulnerabilities of the microprogrammed logic controllers ILC 1x0, ILC 1x1, ILC 1x1 GSM/GPRS, ILC 3xx, AXC 1050, AXC 1050 XC, AXC 3050, RFC 480S PN 4TX, RFC 470 PN 3TX, RFC 470S PN 3TX, RFC 460R PN 3TX, RFC 460R PN 3TX-S, RFC 430 ETH-IB, RFC 450 ETH-IB, PC WORX SRT, PC WORX RT BASIC, and FC 35...

CVE-2022-32557

An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers...

The vulnerability of the Cisco IOX software platform, which arises due to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco IOx software platform exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted TCP traffic...

rsyslog: Heap-based overflow in TCP syslog server

A flaw was found in rsyslog's reception TCP modules. This flaw allows an attacker to craft a malicious message leading to a heap-based buffer overflow. This issue allows the attacker to corrupt or access data stored in memory, leading to a denial of service in the rsyslog or possible remote code...

Buffer overflow in TCP syslog server (receiver) components in rsyslog

...

CVE-2021-3254

Asus DSL-N14U-B1 1.1.2.3805 allows remote attackers to cause a Denial of Service DoS via a TCP SYN scan using nmap...

kernel: tcp: fix page frag corruption on page fault

A vulnerability was found in the Linux kernel's TCP subsystem in the tcpsendmsglocked function, which can lead to page fragment corruption during a page fault, which occurs when a TCP stream experiences nested access to the task page fragment due to a page fault while handling memory-mapped...

CVE-2022-29491

On F5 BIG-IP LTM, Advanced WAF, ASM, or APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5, 14.1.x versions prior to 14.1.4.6, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a virtual server is configured with HTTP, TCP on one side client/server, and DTLS on the other...