386 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-40937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referenci...
Linux Distros Unpatched Vulnerability : CVE-2024-27415
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nfconfirm logic cannot handle cloned skbs referencing the same nfconn...
Linux Distros Unpatched Vulnerability : CVE-2022-49646
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mac80211: fix queue selection for mesh/OCB interfaces When using iTXQ, the code assumes that there is only one vif queue for broadcast packets, using the ...
Linux Distros Unpatched Vulnerability : CVE-2022-48911
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfqueue: fix possible use-after-free Eric Dumazet says: The sockhold side seems suspect, because there is no guarantee that skrefcnt is not already 0...
Linux Distros Unpatched Vulnerability : CVE-2024-27013
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: limit printing rate when illegal packet received by tun dev vhostworker will call tun call backs to receive packets. If too many illegal packets arrives,...
Linux Distros Unpatched Vulnerability : CVE-2014-8160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/netfilter/nfconntrackprotogeneric.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for...
SUSE CVE-2022-49369
In the Linux kernel, the following vulnerability has been resolved: amt: fix possible memory leak in amtrcv If an amt receives packets and it finds socket. If it can't find a socket, it should free a received skb. But it doesn't. So, a memory leak would possibly occur...
CVE-2022-49340 ip_gre: test csum_start instead of transport header
In the Linux kernel, the following vulnerability has been resolved: ipgre: test csumstart instead of transport header GRE with TUNNELCSUM will apply local checksum offload on CHECKSUMPARTIAL packets. ipgrexmit must validate csumstart after an optional skbpull, else lcocsum may trigger an overflow...
CVE-2022-49160 scsi: qla2xxx: Fix crash during module load unload test
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix crash during module load unload test During purex packet handling the driver was incorrectly freeing a pre-allocated structure. Fix this by skipping that entry. System crashed with the following stack during a...
Azure Linux 3.0 Security Update: kernel (CVE-2024-27013)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27013 advisory. - In the Linux kernel, the following vulnerability has been resolved: tun: limit printing rate when illegal...
CVE-2021-40368
A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 All versions, SIMATIC S7-400 CPU 412-2 DP V7 All versions, SIMATIC S7-400 CPU 412-2 PN/DP V7 All versions V7.0.3, SIMATIC S7-400 CPU 414-2 DP V7 All versions, SIMATIC S7-400 CPU 414-3 DP V7 All versions, SIMATIC S7-400 CPU 414-...
2N OS 安全漏洞
2N OS is an operating system for access control systems from 2N. A security vulnerability exists in 2N OS that stems from a specially crafted packet handling flaw. An attacker exploiting the vulnerability could crash the device...
CVE-2019-5152
An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...
CVE-2025-21669
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause issues when we access...
CVE-2025-21669 vsock/virtio: discard packets if the transport changes
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: discard packets if the transport changes If the socket has been de-assigned or assigned to another transport, we must discard any packets received because they are not expected and would cause issues when we access...
CVE-2023-37023
Open5GS MME versions = 2.6.4 contain a reachable assertion in the Uplink NAS Transport packet handler. A packet missing its MMEUES1APID field causes Open5gs to crash; an attacker may repeatedly send such packets to cause denial of service...
CVE-2024-56717
In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix incorrect IFH SRCPORT field in ocelotifhsetbasic Packets injected by the CPU should have a SRCPORT field equal to the CPU port module index in the Analyzer block ocelot-numphysports. The blamed commit copie...
CVE-2024-56648 net: hsr: avoid potential out-of-bound access in fill_frame_info()
In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid potential out-of-bound access in fillframeinfo syzbot is able to feed a packet with 14 bytes, pretending it is a vlan one. Since fillframeinfo is relying on skb-maclen already, extend the check to cover this case...
kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...
AZL-52951 CVE-2024-50168 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: net/sun382586: fix potential memory leak in sun382586sendpacket The sun382586sendpacket returns NETDEVTXOK without freeing skb in case of skb-len being too long, add devkfreeskb to fix it...