1248 matches found
PT-2022-34892 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v4.17 through v6.0.6 Description: A null pointer dereference issue was discovered in the tipc topsrv accept function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in versi...
kernel: mptcp: fix race on unaccepted mptcp sockets
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race on unaccepted mptcp sockets When the listener socket owning the relevant request is closed, it frees the unaccepted subflows and that causes later deletion of the paired MPTCP sockets. The mptcp socket's worker ca...
golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension
A flaw was found in golang.org. In x/text, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension...
golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag
A flaw was found in golang.org. In x/text, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag...
GHSA-69CH-W2M2-3VJP golang.org/x/text/language Denial of service via crafted Accept-Language header
The BCP 47 tag parser has quadratic time complexity due to inherent aspects of its design. Since the parser is, by design, exposed to untrusted user input, this can be leveraged to force a program to consume significant time parsing Accept-Language headers. The parser cannot be easily rewritten t...
AZL-33575 CVE-2022-32149 affecting package containerized-data-importer for versions less than 1.55.0-20
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-33628 CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.17-2
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-35041 CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.15-1
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
CVE-2022-32149
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-35016 CVE-2022-32149 affecting package multus for versions less than 4.0.2-1
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-43963 CVE-2022-32149 affecting package containernetworking-plugins 1.1.1-17
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-43954 CVE-2022-32149 affecting package podman 4.1.1-26
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-43735 CVE-2022-32149 affecting package buildah 1.18.0-29
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-33565 CVE-2022-32149 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-22
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-45162 CVE-2022-32149 affecting package containernetworking-plugins for versions less than 1.6.1-4
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-33646 CVE-2022-32149 affecting package terraform for versions less than 1.3.2-19
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-33643 CVE-2022-32149 affecting package sriov-network-device-plugin for versions less than 3.6.2-2
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-45108 CVE-2022-32149 affecting package buildah for versions less than 1.41.4-2
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
AZL-44613 CVE-2022-32149 affecting package podman for versions less than 5.6.1-2
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...
DEBIAN-CVE-2022-32149
An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse...