1155 matches found
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6821-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6821-2 advisory. It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free...
USN-6820-1: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6795-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6795-1 advisory. Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-...
CVE-2021-47563 ice: avoid bpf_prog refcount underflow
In the Linux kernel, the following vulnerability has been resolved: ice: avoid bpfprog refcount underflow Ice driver has the routines for managing XDP resources that are shared between ndobpf op and VSI rebuild flow. The latter takes place for example when user changes queue count on an interface...
batman-adv: Avoid infinite loop trying to resize local TT
...
net: mctp: take ownership of skb in mctp_local_output
...
golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests
A flaw was found in the Golang net/http/internal package. This issue may allow a malicious user to send an HTTP request and cause the receiver to read more bytes from network than are in the body up to 1GiB, causing the receiver to fail reading the response, possibly leading to a Denial of Servic...
The vulnerability of the llc_conn_handler() function in the net/llc/llc_conn.c module, which is part of the LLC protocol implementation in Linux kernel, allows a attacker to cause a service failure.
The vulnerability of the llcconnhandler function in the net/llc/llcconn.c module, which is part of the LLC protocol implementation in Linux kernel, is related to the use of uninitialized memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
Remote Code Execution (RCE)
zodb3 is vulnerable to Remote Code Execution RCE. The vulnerability is due to improper handling of certain Zope Enterprise Objects ZEO database sharing, allowing remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol...
Authentication Bypass
Zope Object Database ZODB Authentication Bypass. The vulnerability is due to certain configurations of Zope Enterprise Objects ZEO database sharing, which can be exploited by remote attackers via vectors involving the ZEO network protocol...
CVE-2023-44406
D-Link DAP-1325 SetAPLanSettings DeviceName Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...
D-Link DIR-2640 安全漏洞
The D-Link DIR-2640 is a high power Wi-Fi router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-2640 that stems from a HNAP PrivateLogin authentication bypass vulnerability...
ROS-20240503-01
A vulnerability in the Web Audio component of Microsoft Edge and Google Chrome browsers is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code A vulnerability in the Skia graphics library of Google Chro...
CVE-2024-33518
An unauthenticated Denial-of-Service DoS vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service...
ROS-20240423-03
Vulnerability in the /krb5/src/lib/rpc/pmaprmt.c component of the Kerberos network protocol implementation is related to memory freeing errors. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service Vulnerability in component...
Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6724-2)
The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6724-2 advisory. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leadi...
Ubuntu 20.04 LTS : Linux kernel (Xilinx ZynqMP) vulnerabilities (USN-6726-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6726-3 advisory. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a...
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6726-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6726-1 advisory. Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request,...
ROS-20240405-04
A vulnerability in the lib/kadm5/kadmrpcxdr.c file of the Kerberos network protocol implementation is related to the release of an an uninitialized pointer. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
CVE-2023-52638
In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939sockslock to rwlock The following 3 locks would race against each other, causing the deadlock situation in the Syzbot bug report: - j1939sockslock - activesessionlistlock -...