55 matches found
SUSE CVE-2023-34319
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...
UBUNTU-CVE-2023-34319
The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...
PT-2023-4315 · Linux +6 · Linux +6
Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to the Linux netback driver, which was modified to handle a frontend splitting a packet in a way that not all headers come in one piece. However, the introduced logic did...
Juniper Networks Junos OS 代码问题漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS is vulnerable to a code issue that could allow an unauthenticated network-based...
USN-5299-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...
Phoenix Contact FL SWITCH 安全漏洞
Phoenix Contact FL SWITCH is an industrial Ethernet switch from Phoenix Contact, Germany.TCP Transmission Control Protocol is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by the IETF RFC 793. TCP Transmission Control Protocol is a...
SUSE: Security Advisory (SUSE-SU-2016:2507-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UVI-2021-1000145 openvswitch: fix stack OOB read while fragmenting IPv4 packets
openvswitch: fix stack OOB read while fragmenting IPv4 packets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.36 by commit...
UVI-2021-1000177 openvswitch: fix stack OOB read while fragmenting IPv4 packets
openvswitch: fix stack OOB read while fragmenting IPv4 packets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.118 by commit...
PT-2024-11134 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's handling of UDP tunnel packets. When NETIF F GRO FRAGLIST or NETIF F GRO UDP FWD are enabled and UDP tunnels are available, the udp gro recei...
CVE-2020-0471
In reassembleanddispatch of packetfragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalation of privilege between two Bluetooth devices by a proximal attacker, with no additional execution...
CVE-2020-17438
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafti...
Denial Of Service (DoS)
kernel is vulnerable to denial of service. The possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it wou...
UBUNTU-CVE-2019-16410
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of headerlen checking...
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190912)
Security Fixes : - kernel: Memory corruption due to incorrect socket cloning CVE-2018-9568 - kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraidsasbase.c leading to DoS CVE-2019-11810 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...
Code injection
The icmp6send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service panic via a fragmented IPv6 packet...
Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...
Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (4)
No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...
Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...
Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...