CVE-2023-28970 Junos OS: JRR200: Kernel crash upon receipt of a specific packet

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash,...

CVE-2023-28959 Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to...

CVE-2023-28970

Technical details about CVE-2023-28970 are not publicly available in the provided connected documents. Monitor for updates; no new information on affected versions, root cause specifics, exploitation status, or remediation is present here.

CVE-2023-28959 Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to...

CVE-2023-28959

The CVE-2023-28959 entry affects Juniper Networks Junos OS on QFX10002. The issue is an improper check/handling of exceptional conditions in packet processing, triggered by a specially malformed packet sent by an unauthenticated, adjacent attacker on the local broadcast domain. Exploitation wedge...

openvswitch: ip proto 0 triggers incorrect handling

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

CVE-2022-33223

Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding...

CVE-2022-25739 Null Point Dereference in MODEM

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call...

PT-2023-12808 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure in the modem due to a buffer over-read. This occurs while the modem is processing packets from a DNS server. Recommendations: At the moment, the...

PT-2023-13239 · Qualcomm · Snapdragon +187

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to memory corruption in a modem caused by a buffer overflow when processing a PPP packet. No information is provided about the...

SUSE CVE-2008-3146

Multiple buffer overflows in packetncp2222.inc in Wireshark formerly Ethereal 0.9.7 through 1.0.2 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used...

SUSE CVE-2016-6508

epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service large loop via a crafted packet...

SUSE CVE-2020-14364

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from an informatio...

CVE-2022-25734 Loop with Unreachable Exit Condition in MODEM

Denial of service in modem due to missing null check while processing IP packets with padding...

PT-2023-12812 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a denial of service in the modem due to a missing null check while processing TCP or UDP packets from the server. Recommendations: At the moment, there is no informati...

zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports: A missing field in the SMB FSControl script-land record could cause a heap buffer overflow when receiving packets containing those header types. Receiving a series of packets that start with HTTP/1.0 and then switch to HTTP/0.9 could cause Zeek to spend a lar...

Important: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Important: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

RLSA-2023:0171 Important: dpdk security update

The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs CVE-2022-2132 For more details about the security...