8 matches found
PT-2023-35088 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v2.6.12 through v6.1.6 Description: The issue is related to the handling of extension header length in rawv6 push pending frames. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
GSD-2023-1001724 ipv6: raw: Deduct extension header length in rawv6_push_pending_frames
ipv6: raw: Deduct extension header length in rawv6pushpendingframes This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...
PT-2023-34909 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.270 Description: The issue is related to the handling of extension header length in rawv6 push pending frames. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2023-34871 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.164 Description: The issue concerns the handling of extension header length in rawv6 push pending frames. It was introduced in version v2.6.12 and fixed in version v5.10.164. The actual impact and attack...
PT-2023-34919 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.303 Description: The issue concerns the handling of extension header length in rawv6 push pending frames. It was introduced in version v2.6.12 and fixed in version v4.14.303. The actual impact and attack...
PT-2023-34895 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.229 Description: The issue is related to the handling of extension header length in rawv6 push pending frames. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
Debian Security Advisory DSA 3539-1 (srtp - security update)
Randell Jesup and the Firefox team discovered that srtp, Cisco OpenVAS Vulnerability Test $Id: deb3539.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3539-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks Copyright: Copyright c 2016 Greenbone Networks...
Updated srtp packages fix security vulnerability
Srtp before 1.5.3 is vulnerable to a potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length CVE-2015-6360...