27 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: xfrm: added a NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated in xfrmallocreplaystateesn..., hence xfrmupdateaeparams... can update them. However, the current implementation of...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992598)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992598 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991114)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991114 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be...
CVE-2025-63958
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...
CVE-2025-63958
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...
CVE-2025-63958
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...
CVE-2025-63958
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...
CVE-2025-63958
MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...
PT-2025-47945
Name of the Vulnerable Software and Affected Versions MILLENSYS Vision Tools Workspace version 6.5.0.2585 Description MILLENSYS Vision Tools Workspace version 6.5.0.2585 has a configuration endpoint, /MILLENSYS/settings, that does not require authentication. Accessing this endpoint reveals...
CVE-2025-63958
CVE-2025-63958 affects MILLENSYS Vision Tools Workspace 6.5.0.2585. The issue is a privileged endpoint, /MILLENSYS/settings, that accepts requests without authentication, exposing plaintext database credentials, file share paths, internal license server configuration, and software update paramete...
SUSE CVE-2023-53147
In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated at xfrmallocreplaystateesn... in xfrmstateconstruct..., hence the xfrmupdateaeparams... is okay to update them. However, the...
CVE-2023-53147
In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated at xfrmallocreplaystateesn... in xfrmstateconstruct..., hence the xfrmupdateaeparams... is okay to update them. However, the...
SUSE CVE-2023-3772
A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...
kernel: xfrm: add NULL check in xfrm_update_ae_params
In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrmupdateaeparams Normally, x-replayesn and x-preplayesn should be allocated at xfrmallocreplaystateesn... in xfrmstateconstruct..., hence the xfrmupdateaeparams... is okay to update them. However, the...
Kernel: xfrm: null pointer dereference in xfrm_update_ae_params()
...
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...
kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params()
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...
The vulnerability of the xfrm_update_ae_params() function in the net/xfrm/xfrm_user.c module of the XFRM subsystem in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the xfrmupdateaeparams function in the net/xfrm/xfrmuser.c module of the XFRM subsystem in the Linux operating system is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
UBUNTU-CVE-2023-3772
A flaw was found in the Linux kernel’s IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to directly dereference a NULL pointer in xfrmupdateaeparams, leading to a possible kernel crash and denial of service...