EUVD-2020-17305

Malware in sbrugna...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2023:2809-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2809-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2021-9404)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9404 advisory. - seqfile: disallow extremely large seq buffer allocations Eric Sandeen Orabug: 33135632 CVE-2021-33909 - Bluetooth: fix the erroneous flushwork...

Internet Bug Bounty: Fragmentation and Aggregation Flaws in Wi-Fi

I discovered three design flaws in the Wi-Fi standard and widespread related implementation flaws see GitHub overview and test tool. Here I'll specifically cover open source software. These findings have not received bug bounties from other sources. Implementation flaws allowing trivial packet...

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames which is mandatory as part of 802.11...