589 matches found
kernel security update
5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
CVE-2024-47490
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a...
CVE-2024-47490 Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a...
CVE-2024-47490 Junos OS Evolved: ACX 7000 Series: Receipt of specific transit MPLS packets causes resources to be exhausted
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a...
CVE-2024-47490
The CVE-2024-47490 issue affects Junos OS Evolved ACX 7000 Series. Affected are all versions before: 21.4R3-S9-EVO, 22.2-EVO before 22.2R3-S4-EVO, 22.3-EVO before 22.3R3-S3-EVO, 22.4-EVO before 22.4R3-S2-EVO, 23.2-EVO before 23.2R2-EVO, and 23.4-EVO before 23.4R1-S1-EVO / 23.4R2-EVO. The vulnerab...
PT-2024-7143
Name of the Vulnerable Software and Affected Versions Junos OS Evolved versions prior to 21.4R3-S9-EVO Junos OS Evolved version 22.2-EVO prior to 22.2R3-S4-EVO Junos OS Evolved version 22.3-EVO prior to 22.3R3-S3-EVO Junos OS Evolved version 22.4-EVO prior to 22.4R3-S2-EVO Junos OS Evolved versio...
SUSE CVE-2023-52906
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
DEBIAN-CVE-2023-52906
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
UBUNTU-CVE-2023-52906
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
CVE-2023-52906 net/sched: act_mpls: Fix warning during failed attribute validation
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
CVE-2023-52906 net/sched: act_mpls: Fix warning during failed attribute validation
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
CVE-2023-52906
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmpls: Fix warning during failed attribute validation The 'TCAMPLSLABEL' attribute is of 'NLAU32' type, but has a validation type of 'NLAVALIDATEFUNCTION'. This is an invalid combination according to the comment abov...
Cisco IOS XR Software MPLS Pseudowire Interfaces Access Control List Bypass (CSCwf99658)
According to its self-reported version, Cisco IOS XR is affected by a vulnerability. - A vulnerability in the access control list ACL processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This...
CVE-2024-39519 Junos OS Evolved: ACX 7000 Series: Multicast traffic is looped in a multihoming EVPN MPLS scenario
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all ACX 7000 Series platforms running Junos OS Evolved...
CVE-2024-39519 Junos OS Evolved: ACX 7000 Series: Multicast traffic is looped in a multihoming EVPN MPLS scenario
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all ACX 7000 Series platforms running Junos OS Evolved...
Juniper Junos OS Vulnerability (JSA75732)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75732 advisory. - An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS and Junos OS Evolved allows an...
CVE-2024-36933
In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...
CVE-2024-36933 nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().
In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...
CVE-2024-36933
CVE-2024-36933: In the Linux kernel, the nsh_gso_segment() path could mishandle outer headers when NSH encapsulates other protocols, leading to outer header corruption after GSO segmentation. The fix restores the outer header position by computing outer header placement relative to the inner head...
SUSE CVE-2021-47309
In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of lwtstate-data as iptunnelinfo type without validation. lwtstate-data can have various types such as mplsiptunnelencap, etc and these...