1883 matches found
SUSE CVE-2021-47249
In the Linux kernel, the following vulnerability has been resolved: net: rds: fix memory leak in rdsrecvmsg Syzbot reported memory leak in rds. The problem was in unputted refcount in case of error. int rdsrecvmsgstruct socket sock, struct msghdr msg, sizet size, int msgflags ... if...
dnspython: denial of service in stub resolver
The dnspython stub resolver is vulnerable to a denial of service DoS risk if an attacker sends a malicious response forged with the correct address and port before a legitimate one arrives on the UDP port used by dnspython for the query. In such cases, dnspython could either switch to another...
kernel: RDMA/cma: Allow UD qp_type to join multicast only
In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Allow UD qptype to join multicast only As for multicast: - The SIDR is the only mode that makes sense; - Besides PSUDP, other port spaces like PSIB is also allowed, as it is UD compatible. In this case qkey also needs t...
DEBIAN-CVE-2021-47248
In the Linux kernel, the following vulnerability has been resolved: udp: fix race between close and udpabort Kaustubh reported and diagnosed a panic in udpliblookup. The root cause is udpabort racing with close. Both racing functions acquire the socket lock, but udpv6destroysock release it before...
SUSE CVE-2024-35884
In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various issues and...
SUSE CVE-2024-35944
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost Syzkaller hit 'WARNING in dgdispatchashost' bug. memcpy: detected field-spanning write size 56 of single field "&dginfo-msg" at drivers/misc/vmwvmci/vmcidatagram.c:237 size 24...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a contention between close and udpabort...
DEBIAN-CVE-2024-35944
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost Syzkaller hit 'WARNING in dgdispatchashost' bug. memcpy: detected field-spanning write size 56 of single field "&dginfo-msg" at drivers/misc/vmwvmci/vmcidatagram.c:237 size 24...
UBUNTU-CVE-2024-35944
In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost Syzkaller hit 'WARNING in dgdispatchashost' bug. memcpy: detected field-spanning write size 56 of single field "&dginfo-msg" at drivers/misc/vmwvmci/vmcidatagram.c:237 size 24...
DEBIAN-CVE-2024-35884
In the Linux kernel, the following vulnerability has been resolved: udp: do not accept non-tunnel GSO skbs landing in a tunnel When rx-udp-gro-forwarding is enabled UDP packets might be GROed when being forwarded. If such packets might land in a tunnel this can cause various issues and...
SUSE CVE-2024-27405
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadgetgiveback has one byte appended at the end of a prop...
DEBIAN-CVE-2024-27405
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadgetgiveback has one byte appended at the end of a prop...
UBUNTU-CVE-2024-27405
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadgetgiveback has one byte appended at the end of a prop...
The vulnerability of the Linux operating system’s Network File System kernel allows a hacker to cause a service failure.
The vulnerability of the Linux operating system’s Network File System kernel lies in the lack of protection against unauthorized data processing during the execution of the .GETDEVICEINFO and LAYOUTGET operations in UDP packets. Exploiting this vulnerability can allow an attacker to cause service...
CVE-2023-6324
ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity...
AIX (IJ50935)
The version of AIX installed on the remote host is prior to APAR IJ50935. It is, therefore, affected by a vulnerability as referenced in the IJ50935 advisory. - IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Un...
AIX (IJ50934)
The version of AIX installed on the remote host is prior to APAR IJ50934. It is, therefore, affected by a vulnerability as referenced in the IJ50934 advisory. - IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Un...
CVE-2024-27273
IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...
CVE-2024-27273 IBM AIX privilege escalation
IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...
CVE-2024-27273 IBM AIX privilege escalation
IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...