139 matches found
CVE-2025-38413
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
DEBIAN-CVE-2025-38413
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
UBUNTU-CVE-2025-38413
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
CVE-2025-38413
CVE-2025-38413 : In the Linux kernel virtio-net XDP path (xsk RX), len passed to buf_to_xdp did not consistently account for virtio header length for the first buffer, risking an incorrect frame size check. The fix differentiates the first buffer from subsequent ones by introducing an extra param...
CVE-2025-38413
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
CVE-2025-38413 virtio-net: xsk: rx: fix the frame's length check
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
CVE-2025-38413 virtio-net: xsk: rx: fix the frame's length check
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a frame length checking error in the virtio-net xsk receive path, which could lead to a buffer overflow...
PT-2025-30813 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the virtio-net xsk receive rx path related to frame length checking. The buf to xdp function incorrectly calculates the maximum frame length for the first buffer,...
CVE-2020-3668
u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while parsing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...
CVE-2019-14110
Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer...
CVE-2019-14086
Possible integer overflow while checking the length of frame which is a 32 bit integer and is added to another 32 bit integer which can lead to unexpected result during the check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,...
CVE-2025-30356 Heap Buffer Overflow via Incomplete Length Check in `Crypto_TC_ApplySecurity`
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in...
CVE-2025-30356
CryptoLib (SDLS-EP) vulnerability CVE-2025-30356 affects 1.3.3 and earlier. A heap buffer overflow in Crypto_TC_ApplySecurity results from incomplete validation of the fl (frame length) field; after CVE-2025-29912’s underflow fix, frames can still produce a negative tf_payload_len that is treated...
CVE-2025-29911 CryptoLib Has Heap Buffer Overflow in Crypto_AOS_ProcessSecurity Function
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A critical heap buffer overflow vulnerability was identified in the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: tap: added missing verification for short frames The referenced commit failed to check the validity of the frame length in the tapgetuserxdp function, which could result in a corrupted skb being sent down the stack. Even before t...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: tun: Added missing verification for short frames. The referenced commit failed to check the validity of the frame length in the tunxdpone path, which could result in a corrupted skb being sent down the stack. Even before the skb ...
CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp...
CVE-2024-33026
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp...
CVE-2024-33026 Buffer Over-read in WLAN Host
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp...