EUVD-2022-38823

Malicious code in bioql PyPI...

CVE-2022-50321 wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix potential memory leak in brcmfnetdevstartxmit The brcmfnetdevstartxmit returns NETDEVTXOK without freeing skb in case of pskbexpandhead fails, add devkfreeskb to fix it. Compile tested only...

CVE-2025-1394

The Ember ZNet stack’s packet buffer manager may read out of bound memory leading to an assert, causing a Denial of Service DoS...

CVE-2023-33975

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used...

CVE-2021-21410

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function uncompresshdriphc does not perform proper boundary chec...

CVE-2022-49369 amt: fix possible memory leak in amt_rcv()

In the Linux kernel, the following vulnerability has been resolved: amt: fix possible memory leak in amtrcv If an amt receives packets and it finds socket. If it can't find a socket, it should free a received skb. But it doesn't. So, a memory leak would possibly occur...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Firewire: nosy – Ensure that the userlength is taken into account when retrieving packet contents. Ensure that packetbufferget respects the userlength provided. If the length of the header packet exceeds the userlength,...

AZL-48498 CVE-2024-43861 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: fix memory leak for not ip packets Free the unused skb when not ip packets arrive...

UBUNTU-CVE-2024-38578

In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...

SUSE CVE-2024-2397

Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLTPPPSERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21...

PT-2023-24152 · Unknown · Automotive Audio

Name of the Vulnerable Software and Affected Versions: Automotive Audio affected versions not specified Description: The issue is related to memory corruption in Automotive Audio. It occurs while copying data from the ADSP shared buffer to the VOC packet data buffer. Recommendations: At the momen...

Out-of-bounds

Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Contiki-NG OS does not verify that certain buffer indices to read from are within the bounds of the IPv6 packet buffer, uipbuf. In particular, there is...

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. Contiki-NG suffers from a buffer error vulnerability that stems from the fact that when reading TCP MSS option values from incoming packets, the Contiki-NG operating system does not...

CVE-2023-33975

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used...

CVE-2023-24817

RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer...

CVE-2023-24823

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a type confusion between IPv6 extension headers and a UDP header...

CVE-2023-24819

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...

RIOT RIOT-OS 数字错误漏洞

RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A numeric error vulnerability exists in RIOT RIOT-OS versions prior to 2022.10, which can be exploited by an attacker to allow a device to send crafted frames that result in a large number of out-of-bounds writes...

RIOT RIOT-OS 数字错误漏洞

RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A numeric error vulnerability exists in versions of RIOT-OS prior to 2022.10. An attacker exploits this vulnerability to send specially crafted frames that result in a large number of out-of-bounds writes beyond...

CVE-2023-24513

On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine Sfe can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually st...