samba: Subsequent DCE/RPC fragment injection vulnerability

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements...

Packet Injection

kernel is vulnerable to packet injection. The vulnerability exists due to a flaw was found in the Linux kernels implementation of wifi fragmentation handling which allows an attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where...

CentOS 8 : kernel-rt (CESA-2021:4140)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4140 advisory. - kernel: Intel graphics card information leak. CVE-2019-14615 - kernel: out-of-bounds reads in pinctrl subsystem. CVE-2020-0427 - kernel: Improper inp...

CentOS 8 : kernel (CESA-2021:4356)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4356 advisory. - kernel: Intel graphics card information leak. CVE-2019-14615 - kernel: out-of-bounds reads in pinctrl subsystem. CVE-2020-0427 - kernel: Improper inp...

RHEL 8 : kernel-rt (RHSA-2021:4140)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4140 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

kernel: Fragmentation cache not cleared on reconnection

A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device...

kernel: accepting fragmented plaintext frames in protected networks

A vulnerability was found in Linux kernel, where the WiFi implementations assemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or...

kernel: reassembling mixed encrypted/plaintext fragments

A flaw was found in ieee80211rxhdefragment in net/mac80211/rx.c in the Linux Kernel's WiFi implementation. This vulnerability can be abused to inject packets or exfiltrate selected fragments when another device sends fragmented frames, and the WEP, CCMP, or GCMP data-confidentiality protocol is...

kernel: Fragmentation cache not cleared on reconnection

A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to another device...

kernel: accepting fragmented plaintext frames in protected networks

A vulnerability was found in Linux kernel, where the WiFi implementations assemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or...

Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Moderate: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: out-of-bounds reads in pinctrl subsystem CVE-2020-0427 kernel: Improper input validation in some IntelR Ethernet E810 Adapter drivers CVE-2020-24502 kernel: Insufficient access control in...

UBUNTU-CVE-2021-23192

A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements...

CVE-2021-3905

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

UBUNTU-CVE-2021-3905

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

PT-2021-22361 · Unknown +2 · Openvswitch +2

Name of the Vulnerable Software and Affected Versions: Open vSwitch OVS affected versions not specified Description: A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending...

CVE-2021-3905

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

Learning how MTU and MSS work is key to using DDoS Protection as a Service

Maximum Transmit Unit MTU and Maximum Segment Size MSS are two important terms you should be familiar with when venturing into the world of networking, especially if you are working with GRE and IPSEC tunnels. And if you are looking to use DDoS Protection as a service, you will need to know how M...

User Profile Error - The volume is too fragmented to complete this transaction in Applayer Image

"User Profile Service service failed the sign-in. User profile cannot be loaded". Error :The volume is too fragmented to complete this transaction...

[SECURITY] Fedora 34 Update: libopenmpt-0.5.11-1.fc34

libopenmpt is a cross-platform C++ and C library to decode tracked music files modules into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project Open ModPlug Tracker. In order to avoid code base fragmentation, libopenmpt is developed in the same source code...