19 matches found
CVE-2026-43057
In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6CSUM GSO fallback NETIFFIPV6CSUM only advertises support for checksum offload of packets without IPv6 extension headers. Packets with extension headers must fall back onto software...
CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
EUVD-2018-4068
Malware in sbrugna...
CVE-2025-38432
In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize UDP checksum field before checksumming commit f1fce08e63fe "netpoll: Eliminate redundant assignment" removed the initialization of the UDP checksum, which was wrong and broke netpoll IPv6 transmission due...
RXSA-2024:1607 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: vmwgfx: NULL pointer dereference in vmwcmddxdefinequery CVE-2022-38096 kernel: Out of boundary write in perfreadgroup as result of overflow a perfevent's readsize CVE-2023-6931 kernel: GS...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Huawei HarmonyOS array out-of-bounds vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. Huawei HarmonyOS is vulnerable to an array out-of-bounds vulnerability. The vulnerability stems from the program not performing checksumming of messages. An attacker could exploit this vulnerability to cause the kernel to cra...
Huawei HarmonyOS out-of-bounds read vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. An out-of-bounds read vulnerability exists in Huawei HarmonyOS, which provides a microkernel-based, full-scenario distributed operating system. The vulnerability stems from the program not performing checksumming of messages...
Design/Logic Flaw
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
CVE-2018-12088
The vulnerability CVE-2018-12088 affects S3QL prior to version 2.27. The root cause is mishandling in the checksumming process (checksum_basic_mapping), enabling replay attacks where an attacker who controls the backend can present stale filesystem metadata as current, temporarily inject zero-val...
xfsprogs security update
CentOS Errata and Security Advisory CESA-2015:2151 Updated xfsprogs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerabili...
Low: Red Hat Security Advisory: xfsprogs security, bug fix and enhancement update
Updated xfsprogs packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Meet Linux's New Fastest File-System – Bcachefs
First announced over five years ago, ex-Google engineer Kent Overstreet is pleasured in announcing the general availability of a new open-source file-system for Linux, called the Bcache File System or Bcachefs. Bcachefs is a Linux kernel block layer cache that aims at offering a speedier and more...
Weak CRC allows last block of IDEA-encrypted SSH packet to be changed without notice
Overview There is an information integrity vulnerability in the SSH1 protocol that allows the last block of an IDEA-encrypted session to be modified without notice. Description Preconditions: Session is encrypted using IDEA cipher. Compression is disabled. SSH clients configured to use the IDEA...