Lucene search
K

416 matches found

Vulnrichment
Vulnrichment
added 2024/11/08 5:38 a.m.2 views

CVE-2024-50185 mptcp: handle consistently DSS corruption

In the Linux kernel, the following vulnerability has been resolved: mptcp: handle consistently DSS corruption Bugged peer implementation can send corrupted DSS options, consistently hitting a few warning in the data path. Use DEBUGNET assertions, to avoid the splat on some builds and handle...

7.6AI score0.00222EPSS
Exploits0References6
CVE
CVE
added 2024/11/08 5:38 a.m.127 views

CVE-2024-50185

CVE-2024-50185 corresponds to a Linux kernel vulnerability in mptcp where a bugged peer can send corrupted DSS options, triggering warnings in the data path. The fix standardizes error handling (via DEBUG_NET assertions and controlled fallbacks/reset depending on subflow type) and dumps related M...

5.5CVSS6.5AI score0.00222EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2024/11/08 5:38 a.m.13 views

CVE-2024-50185

In the Linux kernel, the following vulnerability has been resolved: mptcp: handle consistently DSS corruption Bugged peer implementation can send corrupted DSS options, consistently hitting a few warning in the data path. Use DEBUGNET assertions, to avoid the splat on some builds and handle...

5.5CVSS5.9AI score0.00222EPSS
Exploits0
CNNVD
CNNVD
added 2024/11/08 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from sending corrupt DSS options...

5.5CVSS6.6AI score0.00222EPSS
Exploits0References7
CNVD
CNVD
added 2024/11/06 12:0 a.m.4 views

Information Leakage Vulnerability in DSS System of Zhejiang Dahua Technology Co.

Zhejiang Dahua Technology Co., Ltd. is the world's leading video-centered intelligent IOT solution provider and operation service provider. An information leakage vulnerability exists in the DSS system of Zhejiang Dahua Technology Co. Ltd, which can be exploited by attackers to obtain sensitive...

6.6AI score
Exploits0
RedhatCVE
RedhatCVE
added 2024/10/29 8:25 a.m.18 views

CVE-2024-50083

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

5.5CVSS7.1AI score0.00875EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/10/29 4:15 a.m.5 views

SUSE CVE-2024-50083

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

6.5CVSS6.6AI score0.00875EPSS
Exploits0References18
OSV
OSV
added 2024/10/29 1:15 a.m.10 views

AZL-51958 CVE-2024-50083 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

7.5CVSS6.4AI score0.00875EPSS
Exploits0References1
NVD
NVD
added 2024/10/29 1:15 a.m.19 views

CVE-2024-50083

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

7.5CVSS0.00875EPSS
Exploits0References9
OSV
OSV
added 2024/10/29 1:15 a.m.9 views

UBUNTU-CVE-2024-50083

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

7.5CVSS6.2AI score0.00875EPSS
Exploits0References37
OSV
OSV
added 2024/10/29 12:50 a.m.30 views

CVE-2024-50083 tcp: fix mptcp DSS corruption due to large pmtu xmit

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

7.5CVSS6.3AI score0.00875EPSS
Exploits0References12
CVE
CVE
added 2024/10/29 12:50 a.m.141 views

CVE-2024-50083

CVE-2024-50083 concerns a Linux kernel flaw where MPTCP DSS corruption could occur during large PMTU transmissions. The issue, triggered by Syzkaller under a subflow, is tied to __mptcp_move_skbs_from_subflow in net/mptcp/protocol.c and relates to mptcp_data_ready/move_skbs_to_msk paths leading t...

7.5CVSS7.5AI score0.00875EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2024/10/29 12:50 a.m.17 views

CVE-2024-50083

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: requestsocksubflowv4: Possible SYN flooding on port :::20002. Sending cookies. ------------ cut here ------------ WARNING:...

7.5CVSS5.9AI score0.00875EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/10/19 9:30 a.m.15 views

Acronym Overdose – Navigating the Complex Data Security Landscape

In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/09/16 11:5 a.m.17 views

Master Your PCI DSS v4 Compliance with Innovative Smart Approvals

The PCI DSS landscape is evolving rapidly. With the Q1 2025 deadline looming ever larger, businesses are scrambling to meet the stringent new requirements of PCI DSS v4.0. Two sections in particular, 6.4.3 and 11.6.1, are troublesome as they demand that organizations rigorously monitor and manage...

7.7AI score
Exploits0
HackRead
HackRead
added 2024/09/04 2:0 p.m.11 views

Criminal IP Secures PCI DSS v4.0 Certification, Enhancing Payment Security with Top-Level Compliance

Torrance, United States / California, 4th September 2024, CyberNewsWire...

7.3AI score
Exploits0
Akamai Blog
Akamai Blog
added 2024/08/30 1:0 p.m.11 views

Best Practices to Help Meet PCI DSS v4.0 API Security Compliance

...

7.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/06/21 12:46 a.m.24 views

PCI DSS 4.0.1: New Clarifications on Client-Side Security – What You Need to Know

As a leading provider of web application and API security solutions, Imperva is committed to helping merchants, payment processors, and anyone seeking to comply with the latest PCI DSS requirements. We previously discussed the changes introduced in PCI DSS 4.0. This blog will cover the...

7AI score
Exploits0
HackRead
HackRead
added 2024/06/11 10:47 p.m.18 views

Securing Online Business Transactions: Essential Tools and Practices

Enhance your online transaction security with encryption, VPNs, and authentication. Understand threats, address vulnerabilities, and use secure payment gateways. Stay compliant with PCI DSS and regulatory standards to protect your business and build customer trust...

7.4AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/06/03 5:41 p.m.13 views

PCI DSS 4.0: Get Audit-Ready for the New Requirements

The Payment Card Industry Data Security Standard PCI DSS originated in 2004 and is managed by the PCI Security Standards Council to ensure security for the global payment industry. This mandate applies to all entities worldwide that store, process, or transmit payment cardholder data or sensitive...

7.6AI score
Exploits0
Rows per page
Query Builder