49 matches found
DEBIAN-CVE-2016-7939
The GRE parser in tcpdump before 4.9.0 has a buffer overflow in print-gre.c, multiple functions...
UBUNTU-CVE-2017-5342
In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...
DEBIAN-CVE-2016-8666
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a...
kernel: Remotely triggerable recursion in GRE code leading to kernel crash
A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...
CVE-2016-1453
Buffer overflow in the Overlay Transport Virtualization OTV GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701...
PT-2014-8434 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.18 Description: The issue generates incorrect conntrack entries during the handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols. This allows remote attackers to bypass intende...
Moderate: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix two security issues, one bug, and add two enhancements are now available for Red Hat OpenStack 3.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...
kernel: netns vs proto registration ordering
net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...
PT-2012-1534 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.34 Description: The issue affects the Linux kernel, specifically the ip gre module. It allows remote attackers to cause a denial of service by sending a packet during module loading, resulting in an OOPS...