454 matches found

CVE
added 2023/04/24 2:42 p.m. · 112 views

CVE-2023-24819

CVE-2023-24819 affects RIOT-OS prior to version 2022.10, where processing of 6LoWPAN frames can trigger an out-of-bounds write in the packet buffer. The attacker can craft a frame to overflow the buffer, potentially corrupting other packets and allocator metadata, leading to denial of service and...

CVSS 9.8 · AI score 9.8 · EPSS 0.01527
Exploits 0 · References 3 · Affected Software 1

CVE
added 2023/04/24 2:23 p.m. · 31 views

CVE-2023-24818

Summary of CVE-2023-24818 (RIOT-OS): The RIOT-OS network stack that handles 6LoWPAN frames is affected by a NULL pointer dereference when forwarding fragmented IP datagrams. The root cause is use of an uninitialized entry in the reassembly buffer during fragment processing, which can trigger a h...

CVSS 7.5 · AI score 7.5 · EPSS 0.0135
Exploits 1 · References 7 · Affected Software 1

Positive Technologies
added 2023/04/24 12:0 a.m. · 3 views

PT-2023-19802 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10
Description: The issue affects the network stack of RIOT-OS, an operating system for Internet of Things devices, which can process 6LoWPAN frames. An attacker can send a crafted frame, resulting in a large ou...

CVSS 7.5 · AI score 7.4 · EPSS 0.0056
Exploits 0 · References 6

CNNVD
added 2023/04/24 12:0 a.m. · 1 views

RIOT RIOT-OS Code Issue Vulnerability

RIOT-OS is an operating system that supports IoT devices and contains a network stack capable of handling 6LoWPAN frames. A denial of service vulnerability exists in versions of RIOT-OS prior to 2022.10, which can be exploited by an attacker to launch a denial of service attack...

CVSS 7.5 · AI score 6.6 · EPSS 0.0135
Exploits 1 · References 8

Positive Technologies
added 2023/04/24 12:0 a.m. · 1 views

PT-2023-19804 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10
Description: RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device,...

CVSS 7.5 · AI score 7.3 · EPSS 0.00503
Exploits 0 · References 7

CNNVD
added 2023/04/24 12:0 a.m. · 1 views

RIOT RIOT-OS Buffer Error Vulnerability

RIOT-OS is an operating system that supports IoT devices and contains a network stack capable of handling 6LoWPAN frames. Versions of RIOT-OS prior to 2022.10 suffer from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code...

CVSS 9.8 · AI score 7.7 · EPSS 0.01527
Exploits 0 · References 4

NVD
added 2023/03/17 10:15 p.m. · 8 views

CVE-2023-28116

Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer packetbuf for processing o...

CVSS 9.8 · AI score 8.8 · EPSS 0.00548
Exploits 0 · References 2

Prion
added 2023/03/17 10:15 p.m. · 15 views

Buffer overflow

Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer packetbuf for processing o...

CVSS 7.5 · AI score 9.7 · EPSS 0.00548
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2023/03/17 9:22 p.m. · 22 views

CVE-2023-28116 Buffer overflow in L2CAP due to misconfigured MTU

Contiki-NG is an open-source, cross-platform operating system for internet of things (IoT) devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer packetbuf for processing o...

CVSS 8.1 · AI score 10 · EPSS 0.00548
Exploits 0 · References 2

CVE
added 2023/03/17 9:22 p.m. · 53 views

CVE-2023-28116

CVE-2023-28116 concerns Contiki-NG (IoT OS) prior to v4.9, where the BLE L2CAP module can cause an out-of-bounds write due to a mis-sized packet buffer. The global packetbuf (size PACKETBUF_SIZE) may be exceeded when processing large packets with BLE L2CAP in the default configuration, leading to...

CVSS 9.8 · AI score 9.3 · EPSS 0.00548
Exploits 0 · References 2 · Affected Software 1

SUSE CVE
added 2023/02/15 6:12 a.m. · 2 views

SUSE CVE-2007-2829

The 802.11 network stack in net80211/ieee80211input.c in MadWifi before 0.9.3.1 allows remote attackers to cause a denial of service (system hang) via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference...

CVSS 5 · AI score 6.7 · EPSS 0.04632
Exploits 0 · References 4

SUSE CVE
added 2023/02/15 4:26 a.m. · 0 views

SUSE CVE-2018-12178

Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network...

CVSS 9.1 · AI score 7.6 · EPSS 0.00448
Exploits 0 · References 8

SUSE CVE
added 2023/02/15 3:59 a.m. · 1 views

SUSE CVE-2020-11899

The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read...

CVSS 5.4 · AI score 6.8 · EPSS 0.35272
Exploits 1 · References 3

SUSE CVE
added 2023/02/15 3:59 a.m. · 1 views

SUSE CVE-2020-11900

The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free...

CVSS 8.2 · AI score 8.8 · EPSS 0.07854
Exploits 1 · References 3

Positive Technologies
added 2023/01/30 12:0 a.m. · 3 views

PT-2025-13337 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified
Description: A NULL pointer dereference issue has been identified in the Linux kernel. This issue occurs when the frag list is pulled into the linear area, leaving frag list as NULL, which can...

CVSS 8.8 · AI score 7.7 · EPSS 0.02125
Exploits 11 · References 476

Veracode
added 2023/01/17 6:59 p.m. · 30 views

Denial Of Service (DoS)

linux is vulnerable to Denial Of Service (DoS). It is possible for a guest to trigger a NIC interface reset/abort/crash in the backend by sending certain kinds of packets. It appears to be an assumption in the rest of the network stack that packet protocol headers are all contained within the linea...

CVSS 6.5 · AI score 7.3 · EPSS 0.00185
Exploits 0 · References 6 · Affected Software 2

OSV
added 2022/12/07 1:15 a.m. · 1 views

UBUNTU-CVE-2022-3643

Guests can trigger NIC interface reset/abort/crash via netback. It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an (unwritten?) assumption in the rest of the Linux network stack that packet...

CVSS 6.5 · AI score 6.5 · EPSS 0.00185
Exploits 0 · References 24

Tenable Nessus
added 2022/11/19 12:0 a.m. · 29 views

AlmaLinux 9 : dpdk (ALSA-2022:8263)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8263 advisory. - A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing...

CVSS 8.6 · AI score 7.3 · EPSS 0.00976
Exploits 1 · References 4

Rockylinux
added 2022/11/15 3:35 p.m. · 10 views

netavark bug fix and enhancement update

An update is available for netavark. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Netavark is a Rust-based network stack for containers. Bug Fixes and...

AI score 1.7
Exploits 0

Tenable Nessus
added 2022/11/14 12:0 a.m. · 25 views

EulerOS 2.0 SP9 : dpdk (EulerOS-SA-2022-2726)

According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending ...

CVSS 8.6 · AI score 7.2 · EPSS 0.00976
Exploits 1 · References 3