1883 matches found

RedHat Linux
added 2024/10/16 12:12 a.m. · 3 views

kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error

A flaw was found in Linux kernel tipc. tipc_udp_addr2str() does not return a nonzero value when UDP media address is invalid, which can result in a buffer overflow in tipc_media_addr_printf()...

7.8 CVSS · 7.1 AI score · 0.00269 EPSS
Exploits 0 · References 5

OSV
added 2024/10/15 11:15 a.m. · 2 views

CVE-2024-45274

An unauthenticated remote attacker can execute OS commands via UDP on the device due to missing authentication...

9.8 CVSS · 5.9 AI score · 0.01543 EPSS
Exploits 1 · References 4

RedHat Linux
added 2024/10/15 12:42 a.m. · 11 views

kernel: udp: do not accept non-tunnel GSO skbs landing in a tunnel

CVE-2024-35884 highlights a flaw in the Linux kernel's handling of UDP packets when Generic Receive Offload (GRO) forwarding is enabled. The issue occurs because non-tunnel UDP packets are sometimes mistakenly processed as if they belong to a tunnel. This can lead to data corruption or kernel...

8.8 CVSS · 7.3 AI score · 0.00669 EPSS
Exploits 0 · References 5

RedHat Linux
added 2024/10/15 12:42 a.m. · 5 views

kernel: tipc: Return non-zero value from tipc_udp_addr2str() on error

A flaw was found in Linux kernel tipc. tipc_udp_addr2str() does not return a nonzero value when UDP media address is invalid, which can result in a buffer overflow in tipc_media_addr_printf()...

7.8 CVSS · 7.1 AI score · 0.00269 EPSS
Exploits 0 · References 5

CNNVD
added 2024/10/15 12:0 a.m. · 2 views

Helmholz REX100 access control error vulnerability

The Helmholz REX100 is a wireless router from Helmholz. An access control error vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from a lack of authentication and allows an unauthenticated, remote attacker to execute operating system commands via UDP on the device...

9.8 CVSS · 9.5 AI score · 0.01543 EPSS
Exploits 1 · References 3

CNNVD
added 2024/10/14 12:0 a.m. · 3 views

HAProxy security vulnerability

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides Layer 4 and Layer 7 proxies and can support tens of thousands of connection levels with high efficiency and stability. A security vulnerability exists in HAProxy that stems from the use o...

5.3 CVSS · 5.3 AI score · 0.00502 EPSS
Exploits 0 · References 9

RedHat Linux
added 2024/10/03 11:27 a.m. · 3 views

cups-browsed: cups-browsed binds on UDP INADDR_ANY:631 trusting any packet from any source

A security issue has been identified in OpenPrinting CUPS. The function ppdCreatePPDFromIPP2 in the libppd library is responsible for generating a PostScript Printer Description (PPD) file based on attributes retrieved from an Internet Printing Protocol (IPP) response. Essentially, it takes printer...

5.3 CVSS · 7 AI score · 0.62269 EPSS
Exploits 14 · References 7

RedHat Linux
added 2024/10/02 6:32 p.m. · 3 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5 CVSS · 5.8 AI score · 0.00859 EPSS
Exploits 0 · References 7

RedHat Linux
added 2024/09/27 8:20 p.m. · 2 views

cups-browsed: cups-filters: cups-browsed vulnerable to DDoS amplification attack

A flaw was found in cups-browsed. This vulnerability allows an attacker to launch DDoS amplification attacks via an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added...

7.5 CVSS · 5.8 AI score · 0.00859 EPSS
Exploits 0 · References 7

CNNVD
added 2024/09/25 12:0 a.m. · 4 views

Cisco SD-WAN vEdge security vulnerability

The Cisco SD-WAN vEdge is a router from Cisco USA. A security vulnerability exists in the Cisco SD-WAN vEdge that originates from not properly handling certain types of incorrectly formatted UDP packets...

6.1 CVSS · 6.6 AI score · 0.00227 EPSS
Exploits 0 · References 3

Broadcom
added 2024/09/24 12:0 a.m. · 6 views

Blast-RADIUS is a vulnerability that affects the RADIUS protocol (CVE-2024-3596)

A vulnerability in the verification of RADIUS Response from a RADIUS server has been disclosed by a team of researchers from UC San Diego and their partners. An attacker, with access to the network where the RADIUS protocol is being transmitted, can spoof a UDP-based RADIUS Response packet to...

9 CVSS · 6.7 AI score · 0.14859 EPSS
Exploits 2

BDU FSTEC
added 2024/09/24 12:0 a.m. · 3 views

The vulnerability of the Yokogawa Dual-redundant Platform for Computer (PC2CKM) lies in the improper checking of the return value of a method or function, allowing an attacker to trigger a service failure.

The vulnerability of the Yokogawa Dual-redundant Platform for Computer (PC2CKM) is related to improper checking of the return value of a method or function. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a service failure by sending broadcast UDP packets...

7.8 CVSS · 5.5 AI score · 0.00408 EPSS
Exploits 0 · References 2

SUSE CVE
added 2024/09/19 3:10 a.m. · 3 views

SUSE CVE-2024-46738

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove(). When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the resource handle by comparing context and resource...

6.7 CVSS · 6.5 AI score · 0.00276 EPSS
Exploits 0 · References 17

SUSE CVE
added 2024/09/19 3:10 a.m. · 3 views

SUSE CVE-2024-46763

In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocol in struct fou. When fou_release() is called due to netns...

5.5 CVSS · 6.2 AI score · 0.00237 EPSS
Exploits 0 · References 19

OSV
added 2024/09/18 8:15 a.m. · 1 views

DEBIAN-CVE-2024-46763

In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting down a host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocol in struct fou. When fou_release() is called due to netns...

5.5 CVSS · 5.7 AI score · 0.00237 EPSS
Exploits 0 · References 1

OSV
added 2024/09/18 8:15 a.m. · 2 views

DEBIAN-CVE-2024-46738

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix use-after-free when removing resource in vmci_resource_remove(). When removing a resource from vmci_resource_table in vmci_resource_remove(), the search is performed using the resource handle by comparing context and resource...

7.8 CVSS · 5.7 AI score · 0.00276 EPSS
Exploits 0 · References 1

Positive Technologies
added 2024/09/18 12:0 a.m. · 4 views

PT-2024-39301 · Circutor · Circutor Tcp2Rs+

Name of the Vulnerable Software and Affected Versions: CIRCUTOR TCP2RS+ version 1.3b. Description: The issue allows an attacker to modify any configuration value without authentication by sending packets through the UDP protocol and port 2000, deconfiguring the device and thus disabling its use,...

9.3 CVSS · 6.8 AI score · 0.00415 EPSS
Exploits 0 · References 9

CNNVD
added 2024/09/17 12:0 a.m. · 4 views

Yokogawa Dual-redundant Platform for Computer security vulnerability

Yokogawa Dual-redundant Platform for Computer is a dual-redundant platform for computers from Yokogawa Electric (Yokogawa), Japan. A security vulnerability exists in Yokogawa Dual-redundant Platform for Computer versions R1.01.00 through R2.03.00, which originates from a denial of service (DoS) that...

7.5 CVSS · 6.7 AI score · 0.00408 EPSS
Exploits 0 · References 2

BDU FSTEC
added 2024/09/13 12:0 a.m. · 1 views

The vulnerability of the Mtrace2 function in the Cisco IOS XR operating system, which allows a hacker to trigger a service failure

The vulnerability of the Mtrace2 multi-address tracing function in the Cisco IOS XR operating system is related to memory release errors. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending a large number of UDP packets...

8.6 CVSS · 5.5 AI score · 0.006 EPSS
Exploits 0 · References 2 · Affected Software 1

OSV
added 2024/09/11 5:15 p.m. · 2 views

CVE-2024-20304

A vulnerability in the multicast traceroute version 2 (Mtrace2) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust the UDP packet memory of an affected device. This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An...

7.5 CVSS · 5.8 AI score · 0.006 EPSS
Exploits 0 · References 1