RHEL 4 : bind (RHSA-2012:1365)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1365 advisory. - bind: specially crafted resource record causes named to exit CVE-2012-4244 - bind: Specially crafted DNS data can cause a lockup in named...

Security Bulletin: Vulnerability in BIND affects IBM Integrated Analytics System [CVE-2023-3341]

Summary Redhat provided BIND is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE CVE-2023-3341 Vulnerability Details CVEID:CVE-2023-3341 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a stack exhaustion flaw in contro...

CVE-2024-4165

A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.179502. Affected is the function modifyDhcpRule of the file /goform/modifyDhcpRule. The manipulation of the argument bindDhcpIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. T...

CVE-2024-4119

A vulnerability was found in Tenda W15E 15.11.0.14. It has been declared as critical. This vulnerability affects the function formIPMacBindDel of the file /goform/delIpMacBind. The manipulation of the argument IPMacBindIndex leads to stack-based buffer overflow. The attack can be initiated...

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda W15E version 15.11.0.14, which originates from the IPMacBindRule parameter of the formIPMacBindAdd method of the /goform/addIpMacBind file that fails to correctly validate the length...

Tenda W15E 安全漏洞

Tenda W15E is a wireless router from Tenda China. A security vulnerability exists in the Tenda W15E version 15.11.0.14, which is caused by a buffer overflow in the IPMacBindRuleId/IPMacBindRuleIp/IPMacBindRuleMac/IPMacBindRuleMark parameter of the formIPMacBindModify method of the...

PT-2024-5485 · Isc +12 · Bind 9 +12

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.11.33-S1 through 9.11.37-S1 BIND 9 versions 9.16.13 through 9.16.50 BIND 9 versions 9.16.13-S1 through 9.16.50-S1 BIND 9 versions 9.18.0 through 9.18.27 BIND 9 versions 9.18.11-S1 through 9.18.27-S1 BIND 9 versions 9.19.0...

nodejs: code injection and privilege escalation through Linux capabilities

A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if an unprivileged user has set them while the process is running with elevated privileges, except for CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

SUSE CVE-2024-26900

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

nodejs: code injection and privilege escalation through Linux capabilities

A flaw was found in Node.js. On Linux, Node.js ignores certain environment variables if an unprivileged user has set them while the process is running with elevated privileges, except for CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

AZL-40162 CVE-2024-26900 affecting package kernel for versions less than 5.15.159.1-1

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

DEBIAN-CVE-2024-26900

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

CVE-2024-26900

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

PT-2024-3217 · Tenda · Tenda W15E

Name of the Vulnerable Software and Affected Versions: Tenda W15E version 15.11.0.14 Description: A critical issue affects the function formIPMacBindModify of the file /goform/modifyIpMacBind. The manipulation of the arguments IPMacBindRuleId, IPMacBindRuleIp, IPMacBindRuleMac, and...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a kobjectadd failure in bindrdevtoarray, where rdev-serial will be allocated without being freed and a...

bind9: Parsing large DNS messages may cause excessive CPU load

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service...

bind9: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution

A flaw was found in the bind package. This issue may allow an attacker to query in a DNS64 enabled resolver node with a domain name triggering a server-stale data, triggering a code assertion, and resulting in a crash of named processes. This can allow a remote unauthenticated user to cause a...

bind9: Specific recursive query patterns may lead to an out-of-memory condition

A flaw was found in the named application, part of the bind9 package, which uses a cache database to speeds up DNS queries. To maintain its efficiency when running as a recursive name resolver, named performs a cache database clean up under certain conditions. This issue may allow an attacker to...

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...