155 matches found
Das U-Boot 缓冲区错误漏洞
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot versions prior to 2022.01, which stems from U-Boot's...
AZL-8579 CVE-2022-0382 affecting package kernel for versions less than 5.15.26.1-1
An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user...
PT-2021-8042 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.17-rc1 Description: The issue is related to an information leak flaw in the Linux kernel's TIPC protocol subsystem. This flaw occurs due to uninitialized memory when a user sends a TIPC datagram to one or more...
CVE-2020-35471
Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500...
Envoy 安全漏洞
Envoy is an open source distributed proxy server . A security vulnerability exists in versions prior to Envoy 1.16.1 that stems from incorrect handling of dropped and truncated datagrams, as evidenced by a UDP packet size greater than 1500 segmentation error. No details of the vulnerability are...
Samba Input Validation Error Vulnerability
Samba is a set of free software from the Samba team that enables UNIX series operating systems to connect to the SMB/CIFS network protocol of Microsoft Windows operating systems. The program supports sharing printers, transferring data files to each other, and so on. An input validation error...
net-snmp: NULL pointer exception in snmp_oid_compare in snmplib/snmp_api.c resulting in a denial of service
snmpoidcompare in snmplib/snmpapi.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...
ppp security update
CentOS Errata and Security Advisory CESA-2020:0631 An update for ppp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Important: Red Hat Security Advisory: ppp security update
An update for ppp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
ALSA-2020:0633 Important: ppp security update
The ppp packages contain the Point-to-Point Protocol PPP daemon and documentation for PPP support. The PPP protocol provides a method for transmitting datagrams over serial point-to-point links. PPP is usually used to dial in to an Internet Service Provider ISP or other organization over a modem...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2018-1313)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams
A heap buffer overflow issue was found in the way SLiRP networking back-end in QEMU processes fragmented packets. It could occur while reassembling the fragmented datagrams of an incoming packet. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS...
Arbitrary Code Execution
Linux kernel is vulnerable to buffer overflow vulnerability. This is due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver firewire-net in a fragment handling code in the Linux kernel. Remote attackers could execute arbitrary code via crafted...
kernel: Buffer overflow in firewire driver via crafted incoming packets
A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver firewire-net in a fragment handling code in the Linux kernel. The vulnerability exists since firewire supported IPv4, i.e. since version 2.6.31 year 2009 till...
QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams
A heap buffer overflow issue was found in the way SLiRP networking back-end in QEMU processes fragmented packets. It could occur while reassembling the fragmented datagrams of an incoming packet. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS...
EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2018-1314)
According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams CVE-2018-11806 - QEMU: i386: multiboot OOB access while loading kern...
EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2018-1313)
According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams CVE-2018-11806 - QEMU: i386: multiboot OOB access while loading kern...
QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams
A heap buffer overflow issue was found in the way SLiRP networking back-end in QEMU processes fragmented packets. It could occur while reassembling the fragmented datagrams of an incoming packet. A privileged user/process inside guest could use this flaw to crash the QEMU process resulting in DoS...
SUSE SLES11 Security Update : kvm (SUSE-SU-2018:2615-1) (Spectre)
This update for kvm fixes the following security issues : CVE-2018-12617: qmpguestfileread had an integer overflow that could have been exploited by sending a crafted QMP command including guest-file-read with a large count value to the agent via the listening socket causing DoS bsc1098735...