Lucene search
K

96 matches found

vulnrichment
vulnrichment
added 2024/07/11 2:39 p.m.21 views

CVE-2024-37151 Suricata defrag: IP ID reuse can lead to policy bypass

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When usin...

5.3CVSS6.9AI score0.00621EPSS
Exploits0References5
osv
osv
added 2024/07/11 2:39 p.m.12 views

CVE-2024-37151 Suricata defrag: IP ID reuse can lead to policy bypass

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When usin...

5.3CVSS7.3AI score0.00621EPSS
Exploits0References8
debiancve
debiancve
added 2024/07/11 2:39 p.m.24 views

CVE-2024-37151

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When usin...

7.5CVSS7.3AI score0.00621EPSS
Exploits0
cvelist
cvelist
added 2024/07/11 2:39 p.m.45 views

CVE-2024-37151 Suricata defrag: IP ID reuse can lead to policy bypass

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When usin...

5.3CVSS0.00621EPSS
Exploits0References5
alpinelinux
alpinelinux
added 2024/07/11 2:39 p.m.43 views

CVE-2024-37151

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Mishandling of multiple fragmented packets using the same IP ID value can lead to packet reassembly failure, which can lead to policy bypass. Upgrade to 7.0.6 or 6.0.20. When usin...

7.5CVSS6.3AI score0.00621EPSS
Exploits0
susecve
susecve
added 2024/05/28 3:32 a.m.4 views

SUSE CVE-2021-47508

In the Linux kernel, the following vulnerability has been resolved: btrfs: free exchange changeset on failures Fstests runs on my VMs have show several kmemleak reports like the following. unreferenced object 0xffff88811ae59080 size 64: comm "xfsio", pid 12124, jiffies 4294987392 age 6.368s hex...

4.4CVSS6.3AI score0.00205EPSS
Exploits0References6
osv
osv
added 2024/05/24 3:15 p.m.3 views

UBUNTU-CVE-2021-47508

In the Linux kernel, the following vulnerability has been resolved: btrfs: free exchange changeset on failures Fstests runs on my VMs have show several kmemleak reports like the following. unreferenced object 0xffff88811ae59080 size 64: comm "xfsio", pid 12124, jiffies 4294987392 age 6.368s hex...

5.5CVSS5.7AI score0.00205EPSS
Exploits0References5
amazon
amazon
added 2024/05/13 12:0 a.m.8 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect CVE-2024-26923 In the...

8.8CVSS6.4AI score0.01167EPSS
Exploits1
amazon
amazon
added 2024/05/13 12:0 a.m.10 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use CVE-2024-26921 In the Linux kernel, the following vulnerability has been resolved: afunix: Fix garbage collector racing against connect CVE-2024-26923 In the...

8.8CVSS7.6AI score0.01167EPSS
Exploits1
cvelist
cvelist
added 2024/05/07 3:6 p.m.26 views

CVE-2024-32867 Suricata's defrag contains various issues leading to policy bypass

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, various problems in handling of fragmentation anomalies can lead to mis-detection of rules and policy. This vulnerability is fixed in 7.0.5 or 6.0.19...

5.3CVSS5.8AI score0.00699EPSS
Exploits0References10
susecve
susecve
added 2024/04/20 2:8 a.m.5 views

SUSE CVE-2024-26921

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

6.6CVSS6.5AI score0.0038EPSS
Exploits1References22
osv
osv
added 2024/04/18 10:15 a.m.2 views

UBUNTU-CVE-2024-26921

In the Linux kernel, the following vulnerability has been resolved: inet: inetdefrag: prevent sk release while still in use iplocalout and other functions can pass skb-sk as function argument. If the skb is a fragment and reassembly happens before such function call returns, the sk must not be...

5.5CVSS6.3AI score0.0038EPSS
Exploits1References23
cve
cve
added 2024/04/18 9:47 a.m.7937 views

CVE-2024-26921

CVE-2024-26921 is a Linux kernel issue where in the tx path, skb fragments could trigger a use-after-free of the socket when fragments are reassembled and the skb->sk field is freed prematurely. The fix, analyzed by Eric Dumazet, moves orphaning to the last safe moment, delaying skb->sk des...

5.5CVSS6.4AI score0.0038EPSS
Exploits1References8Affected Software1
mscve
mscve
added 2023/06/10 7:0 a.m.7 views

A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

...

7.8CVSS7.3AI score0.00442EPSS
Exploits0
susecve
susecve
added 2023/06/07 2:24 a.m.3 views

SUSE CVE-2023-3111

A use after free vulnerability was found in preparetorelocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfsioctlbalance before calling btrfsioctldefrag...

6.7CVSS6.8AI score0.00442EPSS
Exploits0References35
osv
osv
added 2023/06/05 9:15 p.m.5 views

AZL-27087 CVE-2023-3111 affecting package kernel for versions less than 5.15.116.1-2

A use after free vulnerability was found in preparetorelocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfsioctlbalance before calling btrfsioctldefrag...

7.8CVSS6.6AI score0.00442EPSS
Exploits0References1
osv
osv
added 2023/06/05 9:15 p.m.3 views

DEBIAN-CVE-2023-3111

A use after free vulnerability was found in preparetorelocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfsioctlbalance before calling btrfsioctldefrag...

7.8CVSS6.3AI score0.00442EPSS
Exploits0References1
osv
osv
added 2023/06/05 9:15 p.m.2 views

UBUNTU-CVE-2023-3111

A use after free vulnerability was found in preparetorelocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfsioctlbalance before calling btrfsioctldefrag...

7.8CVSS6.6AI score0.00442EPSS
Exploits0References11
osv
osv
added 2022/03/18 12:12 a.m.10 views

GSD-2022-1000723 btrfs: defrag: allow defrag_one_cluster() to skip large extent which is not a target

btrfs: defrag: allow defragonecluster to skip large extent which is not a target This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.12 by...

7.2AI score
Exploits0
osv
osv
added 2022/02/27 3:29 a.m.16 views

GSD-2022-1000602 btrfs: defrag: fix wrong number of defragged sectors

btrfs: defrag: fix wrong number of defragged sectors This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.5 by commit...

7.2AI score
Exploits0
Rows per page
Query Builder