1883 matches found
CVE-2024-50154
...
CVE-2023-6937
...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: af_packet: fixed vlan_get_protocol_dgram() vs MSG_PEEK. The responsible commit forgot to handle the MSG_PEEK case, resulting in a crash [1], as detected by syzbot. vlan_get_protocol_dgram() was rewritten so that it does not touch the skb at...
The vulnerability of the UDP component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability in the UDP component of the Linux operating system's kernel is related to memory corruption in the udp_gro_receive function. Exploiting this vulnerability can allow an attacker to cause a service failure...
PT-2024-35657
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.0-rc7 Description: The issue is related to a memory leak in the Linux kernel, specifically in the s390/iucv component. When the MSG_PEEK flag is passed to skb_recv_datagram(), it increments the skb->users...
Bosch Rexroth IndraDrive security vulnerability
Bosch Rexroth IndraDrive is a servo drive system from Bosch Rexroth that supports multiple protocols. A security vulnerability exists in Bosch Rexroth IndraDrive that originates from a flaw in the PROFINET stack implementation, which can be exploited by an attacker to send an arbitrary UDP messag...
gso: fix udp gso fraglist segmentation after pull from frag_list
...
Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.13+11 (October 2024 CPU). Security fixes: JDK-8307383: Enhance DTLS connections; JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property...
OESA-2024-2371 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment(). Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP...
SUSE CVE-2024-50095
In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent. Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be...
DEBIAN-CVE-2024-50095
In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent. Current timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be...
kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error
A flaw was found in Linux kernel tipc. tipc_udp_addr2str() does not return a nonzero value when the UDP media address is invalid, which can result in a buffer overflow in tipc_media_addr_printf()...
kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error
A flaw was found in Linux kernel tipc. tipc_udp_addr2str() does not return a nonzero value when the UDP media address is invalid, which can result in a buffer overflow in tipc_media_addr_printf()...
Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). Intermittent nfs mount failures may be due to SUNRPC over UDP (bsc#1231353). CVE-2024-40954: net: do not leav...
PT-2024-9329 · Lorex · Lorex 2K Indoor Wi-Fi Security Camera
Name of the Vulnerable Software and Affected Versions: Lorex 2K Indoor Wi-Fi Security Camera versions prior to 2.800.0000000.8.R.20241111 Description: An unauthenticated attacker can perform a null pointer dereference in the DHIP Service using the UDP port 37810. This issue can potentially allow ...
SUSE CVE-2022-48956
In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment(). Blamed commit claimed rcu_read_lock() was held by ip6_fragment() callers. It seems to not be always true, at least for UDP stack. syzbot reported: BUG: KASAN: use-after-free in ip6_dst_idev...
DEBIAN-CVE-2024-49978
In the Linux kernel, the following vulnerability has been resolved: gso: fix udp gso fraglist segmentation after pull from frag_list. Detect gso fraglist skbs with corrupted geometry (see below) and pass these to skb_segment instead of skb_segment_list, as the first can segment them correctly. Valid...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a fraglist segmentation issue in gso's handling of udp packets resulting in a segmentation error...
kernel: udp: do not accept non-tunnel GSO skbs landing in a tunnel
CVE-2024-35884 highlights a flaw in the Linux kernel's handling of UDP packets when Generic Receive Offload (GRO) forwarding is enabled. The issue occurs because non-tunnel UDP packets are sometimes mistakenly processed as if they belong to a tunnel. This can lead to data corruption or kernel...
kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error
A flaw was found in Linux kernel tipc. tipc_udp_addr2str() does not return a nonzero value when the UDP media address is invalid, which can result in a buffer overflow in tipc_media_addr_printf()...