Lucene search
K

86 matches found

Tenable Nessus
Tenable Nessus
added 2020/12/18 12:0 a.m.36 views

RHEL 7 : kernel-rt (RHSA-2020:5441)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:5441 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

7.5CVSS7.1AI score0.03292EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2020/12/16 12:0 a.m.61 views

Oracle Linux 7 : kernel (ELSA-2020-5437)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5437 advisory. - netdrv hdlcppp: add range checks in pppcpparsecr Guillaume Nault 1882078 CVE-2020-25643 - fs ext4: fix potential negative array index in dosplit Pave...

7.5CVSS6.7AI score0.03292EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2020/12/15 3:6 p.m.6 views

kernel: The flow_dissector feature allows device tracking

A device tracking vulnerability was found in the flowdissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash instead of siphash is used. The hashmd value remains the same starting from boot ti...

5.3CVSS7AI score0.02605EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/15 2:59 p.m.5 views

kernel: The flow_dissector feature allows device tracking

A device tracking vulnerability was found in the flowdissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash instead of siphash is used. The hashmd value remains the same starting from boot ti...

5.3CVSS7AI score0.02605EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/15 2:59 p.m.82 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS6.8AI score0.03292EPSS
Exploits1References9
OSV
OSV
added 2020/11/10 1:15 p.m.4 views

CVE-2020-0448

In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional...

5.5CVSS6.2AI score0.00149EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/21 12:0 a.m.35 views

NewStart CGSL MAIN 6.01 : kernel Multiple Vulnerabilities (NS-SA-2020-0030)

The remote NewStart CGSL host, running version MAIN 6.01, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS...

9.8CVSS6.8AI score0.05845EPSS
Exploits1References18
RedHat Linux
RedHat Linux
added 2020/04/28 3:43 p.m.4 views

kernel: The flow_dissector feature allows device tracking

A device tracking vulnerability was found in the flowdissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash instead of siphash is used. The hashmd value remains the same starting from boot ti...

5.3CVSS7AI score0.02605EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/04/28 3:41 p.m.3 views

kernel: The flow_dissector feature allows device tracking

A device tracking vulnerability was found in the flowdissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash instead of siphash is used. The hashmd value remains the same starting from boot ti...

5.3CVSS7AI score0.02605EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2020/04/04 5:34 p.m.38 views

CVE-2019-18282

A device tracking vulnerability was found in the flowdissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash instead of siphash is used. The hashmd value remains the same starting from boot ti...

5.3CVSS0.5AI score0.02605EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2020/01/29 10:9 p.m.148 views

Apple Security Updates Tackle iOS Device Tracking, RCE Flaws

Apple’s latest security fixes, released Tuesday, tackle a wide range of bugs, including several patches for high-risk flaws that could allow for remote code execution RCE. Of particular interest to privacy-minded iPhone 11 users is an iOS 13.3.1 update that allows users to turn off U1...

9.3CVSS0.9AI score0.26869EPSS
Exploits0References10
NVD
NVD
added 2020/01/16 4:15 p.m.24 views

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

5.3CVSS6.6AI score0.02605EPSS
Exploits0References5
OSV
OSV
added 2020/01/16 4:15 p.m.50 views

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

5.3CVSS6.4AI score
Exploits0References5
OSV
OSV
added 2020/01/16 4:15 p.m.3 views

DEBIAN-CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

5.3CVSS7.7AI score0.02605EPSS
Exploits0References1
Prion
Prion
added 2020/01/16 4:15 p.m.32 views

Code injection

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

5CVSS5.8AI score0.02605EPSS
Exploits0References5Affected Software3
UbuntuCve
UbuntuCve
added 2020/01/16 4:15 p.m.33 views

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

5.3CVSS6.8AI score0.02605EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/01/16 3:22 p.m.30 views

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

6.6AI score0.02605EPSS
Exploits0References5
CVE
CVE
added 2020/01/16 3:22 p.m.409 views

CVE-2019-18282

CVE-2019-18282 affects the Linux kernel flow_dissector (Linux 4.3–5.x up to 5.3.10). The root cause is that UDP/IPv6 flow labels rely on a 32-bit hashrnd secret, with jhash used instead of siphash, allowing an attacker to infer the secret and track flows. Affected code includes net/core/flow_diss...

5.3CVSS6AI score0.02605EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2020/01/16 3:22 p.m.32 views

CVE-2019-18282

The flowdissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashrnd value as a secret, and because jhash instead of siphash is used. The hashrn...

5.3CVSS6.9AI score0.02605EPSS
Exploits0
Veracode
Veracode
added 2019/11/06 12:20 a.m.53 views

Remote Device Tracking

Kernel is using weak IP ID generation leads to remote device tracking...

6.5CVSS3.6AI score0.02571EPSS
Exploits0References35Affected Software2
Rows per page
Query Builder