21 matches found
CVE-2025-12464
A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This...
AZL-69631 CVE-2025-12464 affecting package qemu for versions less than 8.2.0-25
A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loopback mode. This...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Sensitive Information in Resource Not Removed Before Reuse (CVE-2024-49997)
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
EUVD-2020-4796
Malware in sbrugna...
EUVD-2017-7899
Malware in sbrugna...
PT-2025-33811 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the staging/gpib subsystem where an uninitialized padding field within the gpib board info ioctl structure is copied back to userspace via the boa...
Moxa NPort 5110, 5130, and 5150 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2017-16715)
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame...
Denial of service via HTTP/2 HEADERS frames padding
A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This attack affects all swift-nio-http2 versions from 1.0.0 to 1.19.2. It is fixed in 1.20.0 and later releases. This vulnerability is caused by a logica...
SUSE CVE-2003-0001
Multiple ethernet Network Interface Card NIC device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak...
CVE-2017-16715
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame...
CVE-2017-16715
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame...
CVE-2017-16715
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame...
CVE-2017-16715
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exploit a flaw in the handling of Ethernet frame...
Moxa NPort 5110, 5130, and 5150
CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Moxa Equipment: NPort 5110, 5130, 5150 Vulnerabilities: Injection, Information Exposure, Resource Exhaustion AFFECTED PRODUCTS The following versions of NPort, a serial network interface, are affected: NPort 5110...
Cisco NX-OS Software Fibre Channel over Ethernet Denial of Service Vulnerability (cisco-sa-20170607-nxos)
A vulnerability in the Fibre Channel over Ethernet FCoE protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition when an FCoE-related process unexpectedly reloads. Copyright C 2017 Greenbone Networks GmbH Some tex...
Siemens RuggedCom Improper Ethernet Frame Padding Vulnerability
OVERVIEW David Formby and Raheem Beyah of Georgia Tech have identified a vulnerability caused by an Institute of Electrical and Electronics Engineers IEEE conformance issue involving improper frame padding in Siemens RuggedCom ROS-based devices. Siemens has already released a revision that...
Ethernet Device Drivers Frame Padding Info Leakage Exploit (Etherleak)
No description provided by source. !/usr/bin/perl -w etherleak, code that has been 5 years coming. On 04/27/2002, I disclosed on the Linux Kernel Mailing list, a vulnerability that would be come known as the 'etherleak' bug. In various situations an ethernet frame must be padded to reach a specif...
Linux Kernel 2.0.x2.2.x2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x2.2.x2.4.x FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure source: https://www.securityfocus.com/bid/6535/info Network device drivers for several vendors have been reported to disclose potentially sensitive information to attackers. Frames that are small...
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure
source: https://www.securityfocus.com/bid/6535/info Network device drivers for several vendors have been reported to disclose potentially sensitive information to attackers. Frames that are smaller than the minimum frame size should have the unused portion of the frame buffer padded with null or...
Ethernet Device Drivers Frame Padding - 'Etherleak' Infomation Leakage
!/usr/bin/perl -w etherleak, code that has been 5 years coming. On 04/27/2002, I disclosed on the Linux Kernel Mailing list, a vulnerability that would be come known as the 'etherleak' bug. In various situations an ethernet frame must be padded to reach a specific size or fall on a certain...