Lucene search
K

84 matches found

RedHat Linux
RedHat Linux
added 2024/07/08 3:3 a.m.6 views

kernel: net/mlx5: Properly link new fs rules into the tree

CVE-2024-35960 is a vulnerability in the Linux kernel's Mellanox MLX5 driver that affects flow steering rule handling. When identical rules are created and referenced multiple times, they can fail to properly link into the rule tree, leaving them uninitialized. This can cause system crashes durin...

9.1CVSS6.8AI score0.01401EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/08 2:5 a.m.3 views

kernel: net/mlx5: Properly link new fs rules into the tree

CVE-2024-35960 is a vulnerability in the Linux kernel's Mellanox MLX5 driver that affects flow steering rule handling. When identical rules are created and referenced multiple times, they can fail to properly link into the rule tree, leaving them uninitialized. This can cause system crashes durin...

9.1CVSS6.8AI score0.01401EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/02 9:2 a.m.4 views

kernel: net/mlx5: Properly link new fs rules into the tree

CVE-2024-35960 is a vulnerability in the Linux kernel's Mellanox MLX5 driver that affects flow steering rule handling. When identical rules are created and referenced multiple times, they can fail to properly link into the rule tree, leaving them uninitialized. This can cause system crashes durin...

9.1CVSS6.8AI score0.01401EPSS
Exploits0References5
OSV
OSV
added 2024/05/20 10:15 a.m.2 views

DEBIAN-CVE-2024-35960

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously, addrulefg would only add newly created rules from the handle into the tree when they had a refcount of 1. On the other hand, createflowhandle tries hard to find and...

9.1CVSS5.8AI score0.01401EPSS
Exploits0References1
NVD
NVD
added 2023/04/20 1:15 p.m.25 views

CVE-2022-29606

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network...

9.8CVSS9.4AI score0.00987EPSS
Exploits1References2
NVD
NVD
added 2023/04/20 1:15 p.m.22 views

CVE-2022-29604

An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network...

9.8CVSS9.4AI score0.01007EPSS
Exploits1References2
NVD
NVD
added 2023/04/20 1:15 p.m.26 views

CVE-2021-38364

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent, and consequently modify or delete the existing flow rules related to other intents...

6.5CVSS6.5AI score0.00848EPSS
Exploits1References2
NVD
NVD
added 2023/04/20 1:15 p.m.24 views

CVE-2022-24109

An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller...

6.5CVSS6.5AI score0.00855EPSS
Exploits1References2
OSV
OSV
added 2023/04/20 1:15 p.m.13 views

CVE-2021-38364

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent, and consequently modify or delete the existing flow rules related to other intents...

6.5CVSS6.7AI score
Exploits0References2
Prion
Prion
added 2023/04/20 1:15 p.m.18 views

Design/Logic Flaw

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent, and consequently modify or delete the existing flow rules related to other intents...

6.4CVSS6.5AI score0.00848EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/04/20 1:15 p.m.15 views

Input validation

An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network...

7.5CVSS9.2AI score0.01007EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/04/20 1:15 p.m.14 views

Code injection

An issue was discovered in ONOS 2.5.1. To attack an intent installed by a normal user, a remote attacker can install a duplicate intent with a different key, and then remove the duplicate one. This will remove the flow rules of the intent, even though the intent still exists in the controller...

6.4CVSS6.5AI score0.00855EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/20 12:0 a.m.4 views

PT-2023-12336 · Onos · Onos

Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered in ONOS where there is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent, and consequently modify or delete the existing fl...

6.5CVSS6.4AI score0.00848EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2023/04/20 12:0 a.m.7 views

CVE-2021-38364

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent, and consequently modify or delete the existing flow rules related to other intents...

6.5AI score0.00848EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/04/20 12:0 a.m.7 views

Open Networking Foundation ONOS 安全漏洞

Open Networking Foundation ONOS is an open source SDN controller from Open Networking Foundation open source. It is used to build next-generation SDN/NFV solutions. A security vulnerability exists in Open Networking Foundation ONOS version 2.5.1, which stems from incorrect flow rules installed by...

6.5CVSS6.5AI score0.00848EPSS
Exploits1References3
CVE
CVE
added 2023/04/20 12:0 a.m.56 views

CVE-2021-38364

CVE-2021-38364 affects ONOS 2.5.1, where an incorrect comparison of flow rules installed by intents can let a remote attacker install or remove an intent and consequently modify or delete flow rules related to other intents. The consequence is unintended modification of flow state managed by the ...

6.5CVSS6.4AI score0.00848EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/04/20 12:0 a.m.27 views

CVE-2022-29604

An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network...

9.6AI score0.01007EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/04/20 12:0 a.m.21 views

CVE-2021-38364

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of flow rules installed by intents. A remote attacker can install or remove a new intent, and consequently modify or delete the existing flow rules related to other intents...

6.6AI score0.00848EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/04/20 12:0 a.m.24 views

CVE-2022-29609

An issue was discovered in ONOS 2.5.1. An intent with the same source and destination shows the INSTALLING state, indicating that its flow rules are installing. Improper handling of such an intent is misleading to a network operator...

5.5AI score0.00567EPSS
Exploits1References2
CVE
CVE
added 2023/04/20 12:0 a.m.53 views

CVE-2022-29609

CVE-2022-29609 affects ONOS 2.5.1. The issue is that an intent with the same source and destination can appear in the INSTALLING state, suggesting its flow rules are installing. This incorrect handling is described as misleading to a network operator. The connected documents confirm the affected ...

5.3CVSS5.2AI score0.00567EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder