Lucene search
K

159 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:12 p.m.33 views

K17121: Linux network subsystem vulnerabilities CVE-2014-8160, CVE-2014-8172, CVE-2014-8173, CVE-2014-9428, CVE-2014-9644, CVE-2015-0274, and CVE-2015-2041

Security Advisory Description CVE-2014-8160 net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended...

7.8CVSS7.2AI score0.05489EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.3 views

SUSE CVE-2011-4112

The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFFTXSKBSHARING flag, which allows local users to cause a denial of service panic by leveraging the CAPNETADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction wit...

5.5CVSS4.8AI score0.00468EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.4 views

SUSE CVE-2017-18222

In the Linux kernel before 4.12, Hisilicon Network Subsystem HNS does not consider the ETHSSPRIVFLAGS case when retrieving ssetcount data, which allows local users to cause a denial of service buffer overflow and memory corruption or possibly have unspecified other impact, as demonstrated by...

7.8CVSS7.8AI score0.00477EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2023/02/02 8:0 a.m.2 views

A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.

...

5.5CVSS7.2AI score0.01016EPSS
Exploits0
OSV
OSV
added 2023/01/26 9:18 p.m.4 views

AZL-13168 CVE-2023-0394 affecting package hyperv-daemons for versions less than 5.15.92.1-1

A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...

5.5CVSS6.6AI score0.01016EPSS
Exploits0References1
OSV
OSV
added 2023/01/26 9:18 p.m.5 views

AZL-13170 CVE-2023-0394 affecting package kernel for versions less than 5.15.92.1-1

A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...

5.5CVSS6.6AI score0.01016EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/06 12:0 a.m.7 views

PT-2024-11850 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a race condition on the per-CQ variable napi work done in the Linux kernel's net component. After calling napi complete done, another CPU can start the napi...

9.1CVSS6.6AI score0.03651EPSS
Exploits9References1774
OSV
OSV
added 2022/06/01 12:0 a.m.44 views

ASB-A-112551163

In ipcheckmcrcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation...

7CVSS7.7AI score0.00141EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2022/05/31 12:0 a.m.28 views

FreeBSD 802.11 Network Subsystem Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of FreeBSD Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of 802.11 Wi-Fi beacon frames. The issue results from the lack of...

8.3CVSS3AI score0.0362EPSS
Exploits0References1
GoogleProjectZero
GoogleProjectZero
added 2021/04/22 12:0 a.m.544 views

Designing sockfuzzer, a network syscall fuzzer for XNU

Posted by Ned Williamson, Project Zero Introduction When I started my 20% project – an initiative where employees are allocated twenty-percent of their paid work time to pursue personal projects – with Project Zero, I wanted to see if I could apply the techniques I had learned fuzzing Chrome to...

9.3CVSS8.3AI score0.2201EPSS
Exploits17
Prion
Prion
added 2020/09/10 3:16 p.m.27 views

Buffer overflow

Improper buffer restrictions in network subsystem in provisioned IntelR AMT and IntelR ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticat...

7.5CVSS9.3AI score0.01686EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2020/09/10 2:22 p.m.203 views

CVE-2020-8758

CVE-2020-8758 affects Intel AMT/ISM: improper buffer restrictions in the network subsystem may allow escalation of privilege. In provisioned systems, an unauthenticated attacker on the network can potentially escalate privileges; on un-provisioned systems, an authenticated user may escalate via l...

9.8CVSS9.3AI score0.01686EPSS
Exploits0References2Affected Software2
ThreatPost
ThreatPost
added 2020/09/08 8:34 p.m.105 views

Critical Intel Active Management Technology Flaw Allows Privilege Escalation

Intel patched a critical privilege escalation vulnerability in its Active Management Technology AMT, which is used for remote out-of-band management of PCs. AMT is part of the Intel vPro platform Intel’s umbrella marketing term for its collection of computer hardware technologies and is primarily...

7.5CVSS9.2AI score0.0552EPSS
Exploits1References13
RedHat Linux
RedHat Linux
added 2020/03/09 2:35 p.m.9 views

kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service

A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system...

7.8CVSS7.1AI score0.03784EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.64 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1484)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.2AI score0.24299EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1525)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.2AI score0.047EPSS
Exploits12References2
RedHat Linux
RedHat Linux
added 2019/11/05 8:56 p.m.4 views

kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service

A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system...

7.8CVSS7.1AI score0.03784EPSS
Exploits0References4
CNVD
CNVD
added 2019/06/18 12:0 a.m.1 views

Linux kernel denial of service vulnerability (CNVD-2019-18512)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the way the network subsystem in the Linux kernel handles the TCP Selective Acknowledgment fragment. An attacker...

7.5CVSS7.2AI score0.94686EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/05/14 12:0 a.m.48 views

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1522)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - drivers/gpu/msm/kgsl.c in the MSM graphics driver aka GPU driver for the Linux kernel 3.x, as used in Qualcomm...

9.3CVSS7.4AI score0.06511EPSS
Exploits5References21
Veracode
Veracode
added 2019/05/02 5:29 a.m.25 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system...

7CVSS6.4AI score0.0123EPSS
Exploits0References36Affected Software1
Rows per page
Query Builder