159 matches found
K17121: Linux network subsystem vulnerabilities CVE-2014-8160, CVE-2014-8172, CVE-2014-8173, CVE-2014-9428, CVE-2014-9644, CVE-2015-0274, and CVE-2015-2041
Security Advisory Description CVE-2014-8160 net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended...
SUSE CVE-2011-4112
The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFFTXSKBSHARING flag, which allows local users to cause a denial of service panic by leveraging the CAPNETADMIN capability to access /proc/net/pktgen/pgctrl, and then using the pktgen package in conjunction wit...
SUSE CVE-2017-18222
In the Linux kernel before 4.12, Hisilicon Network Subsystem HNS does not consider the ETHSSPRIVFLAGS case when retrieving ssetcount data, which allows local users to cause a denial of service buffer overflow and memory corruption or possibly have unspecified other impact, as demonstrated by...
A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.
...
AZL-13168 CVE-2023-0394 affecting package hyperv-daemons for versions less than 5.15.92.1-1
A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...
AZL-13170 CVE-2023-0394 affecting package kernel for versions less than 5.15.92.1-1
A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash...
PT-2024-11850 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a race condition on the per-CQ variable napi work done in the Linux kernel's net component. After calling napi complete done, another CPU can start the napi...
ASB-A-112551163
In ipcheckmcrcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation...
FreeBSD 802.11 Network Subsystem Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of FreeBSD Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of 802.11 Wi-Fi beacon frames. The issue results from the lack of...
Designing sockfuzzer, a network syscall fuzzer for XNU
Posted by Ned Williamson, Project Zero Introduction When I started my 20% project – an initiative where employees are allocated twenty-percent of their paid work time to pursue personal projects – with Project Zero, I wanted to see if I could apply the techniques I had learned fuzzing Chrome to...
Buffer overflow
Improper buffer restrictions in network subsystem in provisioned IntelR AMT and IntelR ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. On un-provisioned systems, an authenticat...
CVE-2020-8758
CVE-2020-8758 affects Intel AMT/ISM: improper buffer restrictions in the network subsystem may allow escalation of privilege. In provisioned systems, an unauthenticated attacker on the network can potentially escalate privileges; on un-provisioned systems, an authenticated user may escalate via l...
Critical Intel Active Management Technology Flaw Allows Privilege Escalation
Intel patched a critical privilege escalation vulnerability in its Active Management Technology AMT, which is used for remote out-of-band management of PCs. AMT is part of the Intel vPro platform Intel’s umbrella marketing term for its collection of computer hardware technologies and is primarily...
kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service
A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1484)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1525)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service
A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system...
Linux kernel denial of service vulnerability (CNVD-2019-18512)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A resource management error vulnerability exists in the way the network subsystem in the Linux kernel handles the TCP Selective Acknowledgment fragment. An attacker...
EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1522)
According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - drivers/gpu/msm/kgsl.c in the MSM graphics driver aka GPU driver for the Linux kernel 3.x, as used in Qualcomm...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system...