Lucene search
+L

55 matches found

SUSE CVE
SUSE CVE
added 2023/08/24 2:24 a.m.5 views

SUSE CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

6.5CVSS6.7AI score0.00296EPSS
Exploits0References30
OSV
OSV
added 2023/08/09 12:0 a.m.3 views

UBUNTU-CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

7.8CVSS7AI score0.00296EPSS
Exploits0References23
Positive Technologies
Positive Technologies
added 2023/08/08 12:0 a.m.13 views

PT-2023-4315 · Linux +6 · Linux +6

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to the Linux netback driver, which was modified to handle a frontend splitting a packet in a way that not all headers come in one piece. However, the introduced logic did...

9.8CVSS6.9AI score0.54577EPSS
Exploits28References819
CNNVD
CNNVD
added 2022/04/14 12:0 a.m.5 views

Juniper Networks Junos OS 代码问题漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS is vulnerable to a code issue that could allow an unauthenticated network-based...

7.5CVSS7.5AI score0.00934EPSS
Exploits0References3
OSV
OSV
added 2022/02/22 10:16 a.m.12 views

USN-5299-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. CVE-2020-26147 It was discovered that the bluetooth...

7.8CVSS7.5AI score0.07604EPSS
Exploits6References14
CNNVD
CNNVD
added 2021/06/25 12:0 a.m.6 views

Phoenix Contact FL SWITCH 安全漏洞

Phoenix Contact FL SWITCH is an industrial Ethernet switch from Phoenix Contact, Germany.TCP Transmission Control Protocol is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by the IETF RFC 793. TCP Transmission Control Protocol is a...

5.3CVSS5.7AI score0.00946EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2016:2507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.00502EPSS
Exploits0References21
OSV
OSV
added 2021/05/31 3:39 p.m.8 views

UVI-2021-1000145 openvswitch: fix stack OOB read while fragmenting IPv4 packets

openvswitch: fix stack OOB read while fragmenting IPv4 packets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.36 by commit...

7.1AI score
Exploits0
OSV
OSV
added 2021/05/31 3:39 p.m.13 views

UVI-2021-1000177 openvswitch: fix stack OOB read while fragmenting IPv4 packets

openvswitch: fix stack OOB read while fragmenting IPv4 packets This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.118 by commit...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/03/30 12:0 a.m.3 views

PT-2024-11134 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's handling of UDP tunnel packets. When NETIF F GRO FRAGLIST or NETIF F GRO UDP FWD are enabled and UDP tunnels are available, the udp gro recei...

5.5CVSS6.4AI score0.00208EPSS
Exploits0References18
OSV
OSV
added 2021/01/11 10:15 p.m.4 views

CVE-2020-0471

In reassembleanddispatch of packetfragmenter.cc, there is a possible way to inject packets into an encrypted Bluetooth connection due to improper input validation. This could lead to remote escalation of privilege between two Bluetooth devices by a proximal attacker, with no additional execution...

9.8CVSS6.7AI score0.0159EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/12/01 12:0 a.m.27 views

CVE-2020-17438

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafti...

9.8CVSS7.6AI score0.1854EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:22 a.m.30 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service. The possibility of a kernel crash was found in the Linux kernel IPsec protocol implementation, due to improper handling of fragmented ESP packets. When an attacker controlling an intermediate router fragmented these packets into very small pieces, it wou...

7.1CVSS2.3AI score0.02452EPSS
Exploits1References23Affected Software1
OSV
OSV
added 2019/09/24 8:15 p.m.4 views

UBUNTU-CVE-2019-16410

An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of headerlen checking...

9.1CVSS5.8AI score0.02055EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/09/16 12:0 a.m.46 views

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190912)

Security Fixes : - kernel: Memory corruption due to incorrect socket cloning CVE-2018-9568 - kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraidsasbase.c leading to DoS CVE-2019-11810 For more details about the security issues, including the impact, a CVSS score, acknowledgments,...

7.8CVSS6.6AI score0.05789EPSS
Exploits0References5
Prion
Prion
added 2016/12/08 5:59 p.m.20 views

Code injection

The icmp6send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service panic via a fragmented IPv6 packet...

7.8CVSS6.8AI score0.05671EPSS
Exploits0References4Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.38 views

Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.31 views

Windows XP TCP Packet Fragmentation Handling Denial of Service Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/11258/info Multiple vendor implementations of the TCP stack are reported prone to a remote denial-of-service vulnerability. The issue is reported to present itself due to inefficiencies present when handling fragmented TC...

7.1AI score
Exploits0
Rows per page
Query Builder