UBUNTU-CVE-2022-49420

In the Linux kernel, the following vulnerability has been resolved: net: annotate races around sk-skbounddevif UDP sendmsg is lockless, and reads sk-skbounddevif while this field can be changed by another thread. Adds minimal annotations to avoid KCSAN splats for UDP. Following patches will add...

CVE-2022-49344 af_unix: Fix a data-race in unix_dgram_peer_wake_me().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix a data-race in unixdgrampeerwakeme. unixdgrampoll calls unixdgrampeerwakeme without other's lock held and check if its receive queue is full. Here we need to use unixrecvqfulllockless instead of unixrecvqfull, otherwi...

PT-2025-8698 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash involves the processClientServerHello and processTLSBlock functions, as well as the ndpi search tls udp function. Recommendations: At t...

Security update for openvswitch

This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

Security update for openvswitch

This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

Security update for openvswitch

This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet. bsc1236353 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

The vulnerability of the SSL_VERIFY_PEER mode in the OpenSSL cryptographic library allows a attacker to execute a man-in-the-middle attack.

The vulnerability of the SSL-VerifyPEER mode in the OpenSSL cryptographic library is related to the absence of a mechanism to notify the user of the establishment of a connection session. Exploiting this vulnerability allows a malicious actor to execute a “man-in-the-middle” attack during a...

The vulnerability in the implementation of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol for the FortiOS operating system allows a hacker to execute arbitrary code or commands.

The vulnerability of the Control and Provisioning of Wireless Access Points CAPWAP implementation in the FortiOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or commands by sending specially crafted U...

Vulnerability fixed in Fortinet FortiOS

Fortinet has fixed a vulnerability in FortiOS Specifically for versions 7.2.4 to 7.2.8 and 7.4.0 to 7.4.4. The vulnerability is in the way FortiOS handles UDP packets. A malicious party, if stack protection is bypassed and the fabric service is active on the exposed interface, can execute arbitra...

CVE-2024-35279

A stack-based buffer overflow CWE-121 vulnerability in Fortinet FortiOS version 7.2.4 through 7.2.8 and version 7.4.0 through 7.4.4 allows a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker were able to...

The vulnerability of the functions sock_set_flag() and spin_unlock() (net/ipv4/udp.c) in the Linux kernel’s UDP component allows a attacker to cause a service failure.

The vulnerabilities of the functions socksetflag and spinunlock net/ipv4/udp.c in the Linux kernel’s UDP component are related to resource management errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...

CLSA-2025-1738957378 Fix of 49 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test NAPISTATESCHED in pollonenapi CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndopollcontroller to...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

CVE-2024-27273

IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...

The vulnerability of the microprogrammed software of medical monitoring devices such as CMS8000 Patient Monitor and Epsimed MN-120 arises from the fact that the output of operations may escape the buffer in memory. This allows an intruder to gain unauthorized access to protected information, execute arbitrary codes, or gain full control over the device.

The vulnerability of the microprogrammed software of the CMS8000 Patient Monitor and Epsimed MN-120 medical devices related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protecte...