96 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unvalidated extension header type index. This vulnerability may lead to out-of-bound reads and...
CVE-2023-43511
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTONONE as the next header...
CVE-2022-33239
Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extension header. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...
CVE-2025-40363 net: ipv6: fix field-spanning memcpy warning in AH output
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6output and ah6outputdone where extension headers are copied to/from IPv6 address fields, triggering fortify-string warnings about...
EUVD-2006-4560
Malware in sbrugna...
EUVD-2020-12733
Malware in sbrugna...
EUVD-2021-15046
Malware in sbrugna...
EUVD-2023-47917
Malicious code in bioql PyPI...
EUVD-2022-36282
Malicious code in bioql PyPI...
DEBIAN-CVE-2023-53343
In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP and will be forwarded to an external IP in the IPv6 Ex...
CVE-2023-53343
In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP and will be forwarded to an external IP in the IPv6 Ex...
PT-2025-51579
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the IPv6 implementation related to Address Header AH output processing. Specifically, the ah6 output and ah6 output done functions exhibit...
SUSE CVE-2025-37939
In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext corerelo header Update btfextparseinfo to ensure the corerelo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an IPv6 extension header handling issue in the net component...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Net: Reenabling NETIFFIPV6CSUM offloading for BIG TCP packets The problematic commit disabled the hardware offloading of IPv6 packets with extension headers on devices that advertise NETIFFIPV6CSUM. This was based on the definiti...
Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft
This is a rather flaky poc for CVE-2024-38063https://msrc.m...
CVE-2023-43511
CVE-2023-43511 describes a transient DoS in WLAN firmware when parsing an IPv6 extension header for a packet whose next header is IPPROTO_NONE. The issue is reported across multiple sources (Qualcomm advisory context, Red Hat, NVD) and is associated with Qualcomm/WLAN firmware components; the vul...
CVE-2023-43511 Loop with Unreachable Exit Condition (Infinite Loop) in WLAN Firmware
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTONONE as the next header...
CLSA-2023-1698247974 Fix of 6 CVEs
CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3newpack packet size to IPMAXMTU CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-34319 // CVE-url:...
GHSA-3FQM-FRHG-7C85 Graylog user session is still usable after logout
Summary In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its original expiry time. Details Each node maintains an in-memory cache of user sessions. Upon a cache-miss, the session is loaded from the...