105 matches found
openSUSE 15 Security Update : kernel (openSUSE-SU-2021:3941-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3941-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of...
UBUNTU-CVE-2021-20322
A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest...
CVE-2021-20322
A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest...
The vulnerability of the Network Time Protocol NTP, related to insufficient protection of service data, allows attackers to trigger a service failure.
The vulnerability of the Network Time Protocol NTP is related to insufficient protection of service data during port randomization. Exploiting this vulnerability can allow a malicious actor to cause service failures by connecting through port 123...
PT-2021-7066 · Linux +8 · Linux Kernel +8
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw in the processing of received ICMP errors, specifically ICMP fragment needed and ICMP redirect, allows an off-path remote user to quickly scan open UDP ports and bypass the sour...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
Nucleus ReadyStart安全特征问题漏洞
The Nucleus NET module includes a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device.Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for...
Oracle Linux 7 : kernel (ELSA-2021-0856)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0856 advisory. - pinctrl devicetree: Avoid taking direct reference to device name string Aristeu Rozanski 1922902 CVE-2020-0427 - pinctrl Delete an error message...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
kernel: ICMP rate limiting can be used for DNS poisoning attack
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2021-9007)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9007 advisory. - xen-blkback: set ring-xenblkd to NULL after kthreadstop Pawel Wieczorkiewicz Orabug: 32260252 CVE-2020-29569 - xenbus/xenbusbackend: Disallow...
SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3764-1)
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-15436: Fixed a use after free vulnerability in fs/blockdev.c which could have allowed local users to gain privileges or cause a denial of service...
SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3532-1)
The SUSE Linux Enterprise 15 LTSS kernel was updated to receive various security and bug fixes. The following security bugs were fixed : CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote...
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4 SCALANCE M-800: All versions between v5.0 and v6.4 SCALANCE S615: All versions between v5.0 and v6.4 SCALANCE SC-600: All versions prior to v2.1.3 SCALANCE W1750D: v8.3.0.1 v8.6.0 and v8.7.0 SIMATIC Cloud Connect 7: All versions SIMATIC MV500 Family: All versions SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later SIMATIC NET CP 1243-7 LTE EU: Version
...