Lucene search
K

59 matches found

BDU FSTEC
BDU FSTEC
added 2024/09/04 12:0 a.m.6 views

The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ice component in the Linux operating system’s kernel is related to the emergence of a race condition that can lead to mutual locking. In this condition, the interface leaves the LAG state and immediately re-enters the LAG state. Exploiting this vulnerability allows an...

5.5CVSS5.8AI score0.00182EPSS
Exploits0References10Affected Software2
RedHat Linux
RedHat Linux
added 2024/08/28 12:34 p.m.2 views

kernel: ice: fix LAG and VF lock dependency in ice_reset_vf()

CVE-2024-36003 pertains to a deadlock vulnerability in the Linux kernel's ICE driver, which manages Intel Ethernet controllers. The issue arises from improper lock acquisition order between the Link Aggregation LAG mutex and the Virtual Function VF configuration lock within the iceresetvf functio...

5.5CVSS7.3AI score0.00166EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/07/17 4:19 a.m.2 views

SUSE CVE-2022-48807

In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...

7.8CVSS6.4AI score0.00288EPSS
Exploits0References9
OSV
OSV
added 2024/07/16 12:15 p.m.4 views

DEBIAN-CVE-2022-48807

In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...

5.5CVSS5.1AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2024/07/16 12:15 p.m.4 views

UBUNTU-CVE-2022-48807

In the Linux kernel, the following vulnerability has been resolved: ice: Fix KASAN error in LAG NETDEVUNREGISTER handler Currently, the same handler is called for both a NETDEVBONDINGINFO LAG unlink notification as for a NETDEVUNREGISTER call. This is causing a problem though, since the...

5.5CVSS5.8AI score0.00288EPSS
Exploits0References6
Citrix
Citrix
added 2024/07/13 12:0 a.m.23 views

LACP Bonding in XenServer - Configuration and Troubleshooting

In XenServer 6.1, LACP link aggregation was added to existing bonding modes for vSwitch. This article describes dynamic link aggregation LACP between a XenServer host and a switch, giving a high-level overview of the 802.3ad protocol, explaining configuration and diagnosis tools. Background LACP...

6.7AI score
Exploits0
OSV
OSV
added 2024/04/12 4:15 p.m.8 views

CVE-2024-30388

An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If a specific malformed LACP packet is received by a QFX5000...

7.1CVSS5.8AI score0.00289EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.3 views

kernel: net/mlx5: E-Switch, pair only capable devices

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS paring using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextphysdev was called without holding th...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/03/20 12:0 a.m.4 views

PT-2025-38197

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's net/mlx5 component related to the handling of E-switch pairing during uplink un/load APIs. Specifically, when transitioning a device from switchdev mo...

5.5CVSS5.5AI score0.00187EPSS
Exploits0
OSV
OSV
added 2022/10/18 3:15 a.m.6 views

CVE-2022-22223

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

7.5CVSS5.9AI score0.00766EPSS
Exploits1References1
Prion
Prion
added 2022/10/18 3:15 a.m.23 views

Input validation

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

5CVSS7.8AI score0.00766EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/18 2:46 a.m.8 views

CVE-2022-22223 Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach.

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping PHP nodes with link aggregation group LAG interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packet...

6.5CVSS7.8AI score0.00766EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/06/18 12:0 a.m.16 views

The vulnerability of the implementation of the VXLAN technology by Juniper Networks’ Modular Port Concentrator devices for Junos OS-based MX routers allows a attacker to cause a service failure.

The vulnerability of the VXLAN technology implemented by Juniper Networks’ Modular Port Concentrator for Junos OS routers of the MX series is related to insufficient checking of unusual or exceptional states when using the LACP protocol. Exploiting this vulnerability can allow a malicious actor t...

6.5CVSS6.6AI score0.00404EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/05/20 12:0 a.m.37 views

Juniper Junos OS DoS (JSA11125)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11125 advisory. On Juniper Networks Junos OS platforms with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but...

7.5CVSS7.4AI score0.00961EPSS
Exploits0References2
NVD
NVD
added 2021/04/22 8:15 p.m.25 views

CVE-2021-0230

On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...

7.5CVSS0.00961EPSS
Exploits0References1
CVE
CVE
added 2021/04/22 7:36 p.m.59 views

CVE-2021-0230

CVE-2021-0230 affects Juniper Networks Junos OS on SRX Series devices with link aggregation (lag). When performing operations that fetch AE interface statistics (e.g., SNMP GET), a slow kernel memory leak can consume memory, potentially impacting traffic and requiring a reboot. Affected versions ...

7.5CVSS7.6AI score0.00961EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/04/22 12:0 a.m.6 views

PT-2021-12943 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series versions 17.1R3 through 17.3R3-S10 Juniper Networks Junos OS on SRX Series versions 17.4 through 17.4R3-S4 Juniper Networks Junos OS on SRX Series versions 18.2 through 18.2R3-S6 Juniper Networks Junos ...

7.5CVSS7.5AI score0.00961EPSS
Exploits0References2
CNVD
CNVD
added 2018/03/07 12:0 a.m.5 views

Arista EOS Mlag agent denial of service vulnerability

Arista EOS is a suite of modular operating systems from Arista Networks, Inc. that provide the foundation platform for next-generation data center and cloud networking business requirements. mlag agent is one of the Mlag agents. A security vulnerability exists in the Mlag agent in Arista EOS...

6.5CVSS6.7AI score0.01069EPSS
Exploits0References1
NVD
NVD
added 2006/10/10 4:6 a.m.18 views

CVE-2006-5213

Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation network device aggregation...

3.6CVSS6.3AI score0.00339EPSS
Exploits0References8
Rows per page
Query Builder