1883 matches found
CVE-2023-32067
...
AZL-43924 CVE-2023-32067 affecting package python-pycares 3.1.1-3
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
AZL-26918 CVE-2023-32067 affecting package fluent-bit for versions less than 2.1.10-1
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
AZL-26921 CVE-2023-32067 affecting package grpc for versions less than 1.42.0-8
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
AZL-26939 CVE-2023-32067 affecting package nodejs18 for versions less than 18.17.1-2
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
UBUNTU-CVE-2023-32067
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
USN-6109-1: Linux kernel (Raspberry Pi) vulnerabilities
Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...
USN-6109-1 linux-raspi, linux-raspi-5.4 vulnerabilities
Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service system crash. CVE-2022-3707 Jordy Zomer and Alexandra Sandulescu discover...
Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry
A new botnet called Dark Frost has been observed launching distributed denial-of-service DDoS attacks against the gaming industry. "The Dark Frost botnet, modeled after Gafgyt, QBot, Mirai, and other malware strains, has expanded to encompass hundreds of compromised devices," Akamai security...
The vulnerability of the microprogrammed software of the D-Link DCS-825L network camera allows a intruder to trigger a service failure.
The vulnerability of the microprogrammed software of the D-Link DCS-825L network camera relates to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending a large number of specially crafted network packets SYN...
SUSE CVE-2023-32067
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
CVE-2023-31994
Certain Hanwha products are vulnerable to Denial of Service DoS. ck vector is: When an empty UDP packet is sent to the listening service, the service thread results in a non-functional service DoS via WS Discovery and Hanwha proprietary discovery services. This affects IP Camera ANE-L7012R 1.41.0...
USN-6096-1: Linux kernel vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...
Ubuntu: Security Advisory (USN-6090-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6091-1: Linux kernel vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...
USN-6085-1: Linux kernel (Raspberry Pi) vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Zheng Wang discovered that the Intel i915 graphics...
kernel: remote DoS in TIPC kernel module
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...
kernel: udp: Fix a data-race around sysctl_udp_l3mdev_accept.
In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...
net-snmp: NULL Pointer Exception when handling pv6IpForwarding
A flaw was found in Net-SNMP. This issue occurs because the handleipv6IpForwarding in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP has a NULL Pointer Exception that could allow a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in a denial of service...
net-snmp: NULL Pointer Exception when handling ipDefaultTTL
A vulnerability was found in Net-SNMP. This issue occurs because the handleipDefaultTTL function in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP has a NULL Pointer Exception flaw that allows a remote attacker who has to write access to cause the instance to crash via a crafted UDP packet,...