PT-2024-40455 · Pypqc · Pypqc

Name of the Vulnerable Software and Affected Versions: PyPQC versions prior to 0.0.6.1 Description: An attacker able to submit many decapsulation requests against a single private key, and to gain timing information about the decapsulation, could recover the private key. A proof-of-concept exploi...

crystals-go vulnerable to KyberSlash (timing side-channel attack for Kyber)

Impact On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn parts of the secret key. Patches Patched in https://github.com/kudelskisecurity/crystals-go/pull/21 Note This library was written as part of a MsC student project in the...

GHSA-9763-4F94-GFCH CIRCL's Kyber: timing side-channel (kyberslash2)

Impact On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn parts of the secret key. Does not apply to ephemeral usage, such as when used in the regular way in TLS. Patches Patched in 1.3.7. References - kyberslash.cr.yp.to...

CIRCL's Kyber: timing side-channel (kyberslash2)

Impact On some platforms, when an attacker can time decapsulation of Kyber on forged cipher texts, they could possibly learn parts of the secret key. Does not apply to ephemeral usage, such as when used in the regular way in TLS. Patches Patched in 1.3.7. References - kyberslash.cr.yp.to...

GHSA-P4V8-JGCV-9G75 safe_pqc_kyber leaks parts of secret keys

Impact On some platforms, when an attacker can time decapsulation, and in particular when the attacker can forge cipher texts, they can learn parts of the secret key. Does not apply to ephemeral usage, such as when used in the regular way in TLS. Patches Patched in 0.6.2. References -...

PT-2024-40389 · Openssl · Openssl

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.6.2 Description: The issue allows an attacker to learn parts of the secret key when they can time decapsulation and forge cipher texts on certain platforms. This does not affect ephemeral usage, such as regular use...

Code injection

ecies is an Elliptic Curve Integrated Encryption Scheme for secp256k1 in Golang. If funcations Encapsulate, Decapsulate and ECDH could be called by an attacker, they could recover any private key that interacts with it. This vulnerability was patched in 2.0.8. Users are advised to upgrade...

K44453423: IP-in-IP Packet Processing vulnerability CVE-2020-10136

Security Advisory Description Multiple products that implement the IP Encapsulation within IP standard RFC 2003, STD 1 decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface an...

CVE-2022-20946

A vulnerability in the generic routing encapsulation GRE tunnel decapsulation feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory handling err...

CVE-2022-20946

Cisco Firepower Threat Defense (FTD) Software is affected by CVE-2022-20946, a memory-handling error in GRE tunnel decapsulation that can be exploited by unauthenticated remote attackers to restart the device and cause DoS. The issue affects GRE processing in FTD; exploitation requires sending a ...

Cisco Firepower Threat Defense Software Generic Routing Encapsulation Denial of Service Vulnerability

A vulnerability in the generic routing encapsulation GRE tunnel decapsulation feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to a memory handling err...

zeek -- Various vulnerabilities

Jon Siwek of Corelight reports: This release fixes the following security issue: The AYIYA and GTPv1 parsing/decapsulation logic may leak memory -- These leaks have potential for remote exploitation to cause Denial of Service via resource exhaustion...

CVE-2020-10136

IP-in-IP protocol specifies IP Encapsulation within IP standard RFC 2003, STD 1 that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing...

PT-2020-3057 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: The issue is related to the IP-in-IP protocol, which is vulnerable to spoofing and access-control bypass due to the lack of validation for network packets before decapsulation...

[Ipdecap] Decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP (ipsec) protocols

Ipdecap can decapsulate traffic encapsulated within GRE, IPIP, 6in4, ESP ipsec protocols, and can also remove IEEE 802.1Q virtual lan header. It reads packets from an pcap file, removes the encapsulation protocol, and writes them to another pcap file. Goals are: Extract encapsulated tcp flow to...

Cisco IOS GRE Decapsulation Vulnerability

The remote device contains a flaw in the way GRE packets are handled. By sending a specially crafted GRE packet, an attacker can take advantage of this flaw to potentially bypass access-control lists. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17789;...

kernel: dvb-core: DoS bug in ULE decapsulation code

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvbnet.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service infinite loop via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE...

kernel: dvb-core: DoS bug in ULE decapsulation code

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvbnet.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service infinite loop via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE...

CVE-2010-1086

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvbnet.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service infinite loop via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE...

CVE-2010-1086

The CVE-2010-1086 entry concerns the Linux kernel (dvb-core) ULE decapsulation code in dvb_net.c. A vulnerability in the ULE Payload Pointer handling allows an attacker to induce an infinite-loop denial of service via a crafted MPEG-2 TS frame, affecting kernel 2.6.33 and earlier. Connected advis...