59 matches found
The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ice component in the Linux operating system’s kernel is related to the emergence of a race condition that can lead to mutual locking. In this condition, the interface leaves the LAG state and immediately re-enters the LAG state. Exploiting this vulnerability allows an...
kernel: ice: fix LAG and VF lock dependency in ice_reset_vf()
CVE-2024-36003 pertains to a deadlock vulnerability in the Linux kernel's ICE driver, which manages Intel Ethernet controllers. The issue arises from improper lock acquisition order between the Link Aggregation LAG mutex and the Virtual Function VF configuration lock within the iceresetvf functio...
SUSE CVE-2022-48807
In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...
DEBIAN-CVE-2022-48807
In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...
UBUNTU-CVE-2022-48807
In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...
LACP Bonding in XenServer - Configuration and Troubleshooting
In XenServer 6.1, LACP link aggregation was added to existing bonding modes for vSwitch. This article describes dynamic link aggregation LACP between a XenServer host and a switch, giving a high-level overview of the 802.3ad protocol, explaining configuration and diagnosis tools. Background LACP...
CVE-2024-30388
An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If a specific malformed LACP packet is received by a QFX5000...
kernel: net/mlx5: E-Switch, pair only capable devices
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...
PT-2025-38197
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's net/mlx5 component related to the handling of E-switch pairing during uplink un/load APIs. Specifically, when transitioning a device from switchdev mo...
CVE-2022-22223
On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...
Input validation
On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...
CVE-2022-22223 Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach.
On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...
The vulnerability of the implementation of the VXLAN technology by Juniper Networks’ Modular Port Concentrator devices for Junos OS-based MX routers allows a attacker to cause a service failure.
The vulnerability of the VXLAN technology implemented by Juniper Networks’ Modular Port Concentrator for Junos OS routers of the MX series is related to insufficient checking of unusual or exceptional states when using the LACP protocol. Exploiting this vulnerability can allow a malicious actor t...
Juniper Junos OS DoS (JSA11125)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11125 advisory. On Juniper Networks Junos OS platforms with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but...
CVE-2021-0230
On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...
CVE-2021-0230
CVE-2021-0230 affects Juniper Networks Junos OS on SRX Series devices with link aggregation (lag). When performing operations that fetch AE interface statistics (e.g., SNMP GET), a slow kernel memory leak can consume memory, potentially impacting traffic and requiring a reboot. Affected versions ...
PT-2021-12943 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series versions 17.1R3 through 17.3R3-S10 Juniper Networks Junos OS on SRX Series versions 17.4 through 17.4R3-S4 Juniper Networks Junos OS on SRX Series versions 18.2 through 18.2R3-S6 Juniper Networks Junos ...
Arista EOS Mlag agent denial of service vulnerability
Arista EOS is a suite of modular operating systems from Arista Networks, Inc. that provide the foundation platform for next-generation data center and cloud networking business requirements. mlag agent is one of the Mlag agents. A security vulnerability exists in the Mlag agent in Arista EOS...
CVE-2006-5213
Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation network device aggregation...