1920 matches found
Zephyr Trust Management Issues Vulnerabilities
Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. A trust management issue vulnerability exists in the UpdateHub module in Zephyr 2.1.0 and later, fixed in version 2.2.0; it stems from the program disabling DTLS peer checking. An attacker could use...
CVE-2020-5877
On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, malformed input to the DATAGRAM::tcp iRules command within a FLOWINIT event may lead to a denial of service...
gnutls: DTLS client hello contains a random value of all zeroes
A cryptographic weakness was found in the way the DTLS implementation of GnuTLS used zeros in place of random numbers. This flaw can break the security guarantee of the DTLS protocol...
kernel: The flow_dissector feature allows device tracking
A device tracking vulnerability was found in the flow_dissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and jhash instead of siphash is used. The hashrnd value remains the same starting from boot ti...
Linux 5.3 Insecure Root Path Handling Exploit
Linux versions 5.3 and above appear to have an issue where io_uring suffers from insecure handling of the root directory for path lookups. Linux >=5.3: io_uring: insecure handling of root directory for path lookups. When I saw today, I realized that this is not just a small correctness issue, but als...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service (DoS). An integer underflow flaw, leading to a buffer overflow, was found in the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service...
The vulnerability of the UDP protocol in the Siemens SIMATIC TDC CP51M1 communication module allows an intruder to cause a service failure.
The vulnerability of the UDP protocol in the Siemens SIMATIC TDC CP51M1 communication module is related to insufficient data validation during the processing of UDP traffic. Exploiting this vulnerability allows a malicious actor to cause service failures by using specially created UDP packets...
An update is available that adds support for DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1
Summary: What is DTLS? The DTLS protocol provides communications privacy. The protocol allows client and server applications to communicate in a way that is designed to prevent eavesdropping, tamperin...
ALPINE-CVE-2020-11501
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...
DEBIAN-CVE-2020-11501
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...
UBUNTU-CVE-2020-11501
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...
PT-2020-12396 · Tp Link · Tp-Link Archer A7
Name of the Vulnerable Software and Affected Versions: TP-Link Archer A7 Firmware version 190726. Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 routers. Authentication is not required to exploit this issue. The...
SUSE-SU-2020:0528-1 Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following issues: Java 8.0 was updated to Service Refresh 6 Fix Pack 5 (bsc1162972, bsc1160968) - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2019-4732: Untrusted DLL search path vulnerability - CVE-2020-2593: Normalize normalization for all -...
[SECURITY] Fedora 31 Update: ppp-2.4.7-34.fc31
The ppp package contains the PPP (Point-to-Point Protocol) daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an ISP (Internet Service Provider) or other organization over a modem...
jenkins: UDP multicast/broadcast service amplification reflection attack
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848...
SUSE-SU-2020:0628-1 Security update for java-1_7_0-openjdk
This update for java-1_7_0-openjdk fixes the following issues: Update java-1_7_0-openjdk to version jdk7u251 (January 2020 CPU, bsc1160968): - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2020-2590: Improve Kerberos interop capabilities - CVE-2020-2593: Normalize normalization for all -...
ppp security update
An update is available for ppp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The ppp packages contain the Point-to-Point Protocol (PPP) daemon and documentation...
SUSE-SU-2020:0466-1 Security update for java-1_8_0-ibm
This update for java-1_8_0-ibm fixes the following issues: Java 8.0 was updated to Service Refresh 6 Fix Pack 5 (bsc1162972, bsc1160968) - CVE-2020-2583: Unlink Set of LinkedHashSets - CVE-2019-4732: Untrusted DLL search path vulnerability - CVE-2020-2593: Normalize normalization for all -...
SUSE-SU-2020:14287-1 Security update for java-1_7_1-ibm
This update for java-1_7_1-ibm fixes the following issues: Java was updated to 7.1 Service Refresh 4 Fix Pack 60 (bsc1162972, bsc1160968). Security issues fixed: - CVE-2020-2583: Fixed a serialization vulnerability in BeanContextSupport (bsc1162972). - CVE-2020-2593: Fixed an incorrect check in...