CVE-2025-39718 vsock/virtio: Validate length in packet header before skb_put()

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

CVE-2025-39718

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

The vulnerability of the OpenSynergy BlueSDK Bluetooth protocol stack, which allows a hacker to disclose protected information

The vulnerability of the OpenSynergy BlueSDK Bluetooth protocol stack is related to incorrect processing of the network packet header. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by this security mechanism...

CVE-2024-48981

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet header by looking up the identifying first byte and matching it against a table of possible lengths. The initial parsing function, hciTrSerialRxIncoming does n...

CVE-2022-20688

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due ...

DEBIAN-CVE-2025-37816

In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid countedby use gcc 15 honors the countedbylen attribute on vsctppacket.buf and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it...

UBUNTU-CVE-2025-37816

In the Linux kernel, the following vulnerability has been resolved: mei: vsc: Fix fortify-panic caused by invalid countedby use gcc 15 honors the countedbylen attribute on vsctppacket.buf and the vsc-tp.c code is using this in a wrong way. len does not contain the available size in the buffer, it...

PT-2025-20345

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel. The issue is related to the use of the counted by function in the vsc-tp.c code, which is using the counted bylen attribute on vsc ...

CVE-2024-56656

CVE-2024-56656 affects the bnxt_en driver in the Linux kernel and is caused by an aggregation ID mask that was not updated for P7 (5760X) chips. The completion structures’ aggregation ID field was redefined from 16 bits to 12 bits on P7, freeing 4 bits for metadata (e.g., VLAN ID). As a result, t...

CVE-2024-48983

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the...

CVE-2024-48981

Summary: MBed OS 6.16.0 contains a vulnerability in HCI packet processing. The code path that determines the packet header length during HCI input (function hciTrSerialRxIncoming) does not discard packets with invalid identifiers and does not set a safe default for unknown header lengths. This ca...

ROS-20240909-03

Vulnerability of the opteeregisterdevice function in the drivers/tee/optee/device.c module of the Trusted Execution Environment TEE module of the Linux kernel is related to incorrect processing of the return code. return code. Exploitation of the vulnerability could allow an attacker to cause a...

The vulnerability of the ip_tunnel_rcv() function in the net/ipv4/ip_tunnel.c module of the Linux operating system’s IPv4 protocol implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the iptunnelrcv function in the net/ipv4/iptunnel.c module of the Linux kernel’s IPv4 protocol implementation is related to improper handling of the network packet header. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

PT-2024-40741 · Pcpp · Pcpp

Name of the Vulnerable Software and Affected Versions: pcpp affected versions not specified Description: The issue is related to a crash type of UNKNOWN READ in the pcpp::Packet::destructPacketData function, located in Packet.h. Recommendations: At the moment, there is no information about a newe...

USN-6725-2 linux-aws, linux-aws-5.15 vulnerabilities

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service system crash or possibly...

CVE-2024-28957

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device...

CVE-2024-28957

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device...

CVE-2024-28957

Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device...

CVE-2024-28957

The CVE-2024-28957 vulnerability affects Cente middleware TCP/IP Network Series devices. It is a predictable-IDs issue (CWE-340) where an attacker, remotely and without authentication, could disrupt or interfere communications by guessing packet header IDs. The Red Hat advisory and NVD records de...

Cente middleware TCP/IP Network Series 安全漏洞

Cente middleware TCP/IP Network Series is a series of network devices from Cente Japan. A security vulnerability exists in the Cente middleware TCP/IP Network Series. A remote attacker could exploit the vulnerability to disrupt communications by predicting certain packet header IDs of the device...