CVE-2023-28116 Buffer overflow in L2CAP due to misconfigured MTU

Contiki-NG is an open-source, cross-platform operating system for internet of things IoT devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer packetbuf for processing o...

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG version 4.8 and prior versions, which stems from a buffer overflow that may occur when the L2CAP module copies packet data to the packetbu...

CVE-2023-23609 contiki-ng BLE-L2CAP contains Improper size validation of L2CAP frames

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol BLE-L2C...

Input validation

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system file os/net/ipv6/sicslowpan.c contains an input function that processes incoming packets and copies them into a packet buffer. Because of a...

CVE-2021-28715

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

CVE-2021-34740

A vulnerability in the WLAN Control Protocol WCP implementation for Cisco Aironet Access Point AP software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. This vulnerability is due to incorrect error handli...

CVE-2021-34740 Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability

A vulnerability in the WLAN Control Protocol WCP implementation for Cisco Aironet Access Point AP software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. This vulnerability is due to incorrect error handli...

Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability

A vulnerability in the WLAN Control Protocol WCP implementation for Cisco Aironet Access Point AP software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service DoS condition. This vulnerability is due to incorrect error handli...

PT-2024-11302 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free error during reset in the igb driver. This occurs when the next to watch descriptor is not properly cleaned while cleaning the TX ring, leading...

CVE-2020-7469

In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet...

CVE-2021-33790

The RebornCore library before 4.7.3 allows remote code execution because it deserializes untrusted data in ObjectInputStream.readObject as part of reborncore.common.network.ExtendedPacketBuffer. An attacker can instantiate any class on the classpath with any data. A class usable for exploitation...

CVE-2020-12884

A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sncoapparseroptionsparsemultipleoptions parses CoAP options that may occur multiple consecutive times in a single packet. While processing th...

CVE-2019-13916

An issue was discovered in Cypress formerly Broadcom WICED Studio 6.2 CYW20735B1 and CYW20819A1. As a Bluetooth Low Energy BLE packet is received, it is copied into a Heap ThreadX Block buffer. The buffer allocated in dhmulpgetRxBuffer is four bytes too small to hold the maximum of 255 bytes plus...

DEBIAN-CVE-2019-5716

In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This was addressed in epan/dissectors/packet-6lowpan.c by avoiding use of a TVB before its creation...

Debian Security Advisory DSA 3886-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2017-0605 A buffer overflow flaw was discovered in the trace subsystem. CVE-2017-7487 Li Qiang reported a reference counter leak in the ipxitfioctl...

CVE-2016-10377

In Open vSwitch OvS 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in lib/flow.c in the function miniflowextract, permitting remote bypass of the access control list enforced by the switch...

Cisco IOS Software Point-to-Point Tunneling Protocol Server Information Disclosure Vulnerability (cisco-sa-20160902-ios)

A vulnerability in the implementation of Point-to-Point Tunneling Protocol PPTP server functionality in Cisco IOS Software could allow an unauthenticated, remote attacker to access data from a packet buffer that was previously used. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions...

HP Intelligent Management Center tftpserver.exe TFTP Packet Buffer Overflow (CVE-2011-1852)

A remote code execution has been reported in HP Intelligent Management Center. The vulnerability is due to an error in the tftpserver.exe component while processing DATA or ERROR TFTP packets. A remote attacker could exploit this vulnerability by sending a malformed TFTP packet to an affected...

Wireshark 1.4.4 packet-dect.c Stack Buffer Overflow

$Id: wiresharkpacketdect.rb 12365 2011-04-19 11:32:17Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Cisco ASA 5500 Series Multiple Vulnerabilities (cisco-sa-20110223-asa)

The remote Cisco ASA device is missing a security patch and may be affected by the following issues : - When configured for transparent firewall mode, a packet buffer exhaustion vulnerability could cause the appliance to stop forwarding traffic. CVE-2011-0393 - When SCCP inspection is enabled, a...