22 matches found
SUSE CVE-2026-45844
In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...
CVE-2026-45844
In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...
EUVD-2026-32170
In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...
CVE-2026-45844
CVE-2026-45844 affects the Linux kernel netfilter arp_tables by fixing IEEE1394 ARP payload parsing. The issue stemmed from arp_packet_match() assuming both source and target hardware addresses exist, causing it to read garbage on IEEE1394 (IPv4-over-IEEE1394, RFC 2734). The patch aligns arp_pack...
CVE-2026-45844 netfilter: arp_tables: fix IEEE1394 ARP payload parsing
In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the netfilter arptables module’s improper handling of omitted target hardware address fields when...
CVE-2026-45844
netfilter: arptables: fix IEEE1394 ARP payload parsing...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002718)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002718 advisory. The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local...
MiracleLinux 3 : kernel-2.6.18-194.13.AXS3 (AXSA:2011-264:04)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-264:04 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...
MiracleLinux 3 : kernel-2.6.18-238.2.AXS3 (AXSA:2011-282:05)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-282:05 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...
AZL-51452 CVE-2024-50038 affecting package kernel for versions less than 6.6.57.1-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTOUNSPEC where needed syzbot managed to call xtcluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xtcluster.c:72 xtclustermt+0x196/0x780 .. ebtdotable+0x174b/0x2a40 Module register...
SUSE CVE-2011-1170
net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
PT-2018-10028 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 4.15.7 Description: The netfilter subsystem in the Linux kernel mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service NULL...
ARP Firewall: SCUTUM
SCUTUM is an ARP firewall that prevents your computer from being arp spoofed. Scutum controls “arptables” in your computer so it accepts ARP packets only from the gateway. This way, people with malicious intentions cannot spoof your arp table. Scutum also prevents other people from detecting your...
Zyxel MAX3XX Series Wimax CPEs Hardcoded Root Password
Vulnerability Title: Hardcoded root password in Zyxel MAX3XX series Wimax CPEs Date: 23/03/2016 Product: Zyxel MAX3XX series CPEs Vendor: www.zyxel.com Affected Firmware: Latest version at the time of disclosure v 2.00 and below tested Patch: Unpatched Vendor contact date: 12/12/2015 Authored by:...
SunOS <= 4.1.4 arp(8c) Memory Dump Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/291/info The version of arp8c which shipped with versions of SunOs 4.1.X could be used to dump system memory by using the -f flag. This flag causes the file filename to be read and multiple entries to be set in the ARP...
CVE-2011-1170
CVE-2011-1170 affects the Linux kernel prior to 2.6.39 where net/ipv4/netfilter/arp_tables.c does not place the expected null terminator at the end of certain string values. This can allow a local user with CAP_NET_ADMIN to craft a request and read the argument to the modprobe process, potentiall...
CVE-2011-1170
net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace
net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...
kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace
net/ipv4/netfilter/arptables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...