170 matches found
iptables bug fix and enhancement update
An update is available for iptables. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The iptables utility controls the network packet filtering code in the Linux...
SUSE CVE-2005-3110
Race condition in ebtables netfilter module ebtables.c in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service crash via a series of packets that cause a value to be modified after it has been read but before it h...
SUSE CVE-2010-0007
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAPNETADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traff...
SUSE CVE-2011-1080
The doreplace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability ...
GSD-2022-1006609 netfilter: ebtables: fix memory leak when blob is malformed
netfilter: ebtables: fix memory leak when blob is malformed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.295 by commit...
GSD-2022-1006605 netfilter: ebtables: fix memory leak when blob is malformed
netfilter: ebtables: fix memory leak when blob is malformed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.260 by commit...
GSD-2022-1006599 netfilter: ebtables: fix memory leak when blob is malformed
netfilter: ebtables: fix memory leak when blob is malformed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.215 by commit...
GSD-2022-1006583 netfilter: ebtables: fix memory leak when blob is malformed
netfilter: ebtables: fix memory leak when blob is malformed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.146 by commit...
GSD-2022-1006556 netfilter: ebtables: fix memory leak when blob is malformed
netfilter: ebtables: fix memory leak when blob is malformed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.71 by commit...
GSD-2022-1006516 netfilter: ebtables: fix memory leak when blob is malformed
netfilter: ebtables: fix memory leak when blob is malformed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.12 by commit...
GSD-2022-1006472 netfilter: ebtables: fix memory leak when blob is malformed
netfilter: ebtables: fix memory leak when blob is malformed This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0 by commit...
PT-2024-8459 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a memory leak in the netfilter component of the Linux kernel, specifically in the ebtables module when handling a malformed blob. The initial bug fix was...
OpenStack Neutron vulnerable to hardware address impersonation
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
GHSA-HVM4-MC7M-22W4 OpenStack Neutron vulnerable to hardware address impersonation
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
DEBIAN-CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
PYSEC-2021-360
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
Design/Logic Flaw
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
UBUNTU-CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...
CVE-2021-38598
OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch c...