bind: remotely triggerable assertion failure in pk11.c

A flaw was found in bind. An assertion failure can occur when a specially crafted query for a zone signed with an RSA key. BIND must be compiled with "--enable-native-pkcs11" for the system to be affected. The highest threat from this vulnerability is to system availability...

bind: truncated TSIG response can lead to an assertion failure

A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability...

Denial Of Service (DoS)

receive.c in fastd allows denial of service assertion failure when receiving packets with an invalid type code...

CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

Authentication flaw

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

CVE-2020-27617

CVE-2020-27617 affects QEMU 4.2.1, where a vulnerability in the network guest handling (eth_get_gso_type in net/eth.c) allows a guest OS user to trigger an assertion failure, crashing the QEMU process via crafted packet data that lacks a valid Layer 3 protocol. This is documented across multiple ...

CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

EulerOS Virtualization 3.0.6.6 : bind (EulerOS-SA-2020-2444)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker...

bind: truncated TSIG response can lead to an assertion failure

A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability...

bind: remotely triggerable assertion failure in pk11.c

A flaw was found in bind. An assertion failure can occur when a specially crafted query for a zone signed with an RSA key. BIND must be compiled with "--enable-native-pkcs11" for the system to be affected. The highest threat from this vulnerability is to system availability...

bind: asterisk character in an empty non-terminal can cause an assertion failure in rbtdb.c

A flaw was found in bind when an asterisk character is present in an empty non-terminal location within the DNS graph. This flaw could trigger an assertion failure, causing bind to crash. The highest threat from this vulnerability is to system availability...

RHEL 8 : bind (RHSA-2020:4500)

"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4500 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C...

EulerOS 2.0 SP2 : bind (EulerOS-SA-2020-2329)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

PT-2020-6567 · Openldap +8 · Openldap +8

Name of the Vulnerable Software and Affected Versions: OpenLDAP affected versions not specified Description: A flaw was found in OpenLDAP, allowing an attacker to trigger an assertion failure by sending a malicious packet to be processed by OpenLDAP's slapd server. This flaw poses the highest...

EulerOS 2.0 SP5 : bind (EulerOS-SA-2020-2278)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

PT-2020-6478

Name of the Vulnerable Software and Affected Versions QEMU version 4.2.1 Description The issue is related to the eth get gso type function in the net/eth.c component of the QEMU hardware emulator, which is associated with incorrect accounting of external emulator resources. This can be exploited ...