3838 matches found
CVE-2025-38505 wifi: mwifiex: discard erroneous disassoc frames on STA interface
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect...
CVE-2025-38505
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect...
CVE-2025-38505 wifi: mwifiex: discard erroneous disassoc frames on STA interface
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: discard erroneous disassoc frames on STA interface When operating in concurrent STA/AP mode with host MLME enabled, the firmware incorrectly sends disassociation frames to the STA interface when clients disconnect...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mwifiex incorrectly handling disconnected frames on the STA interface, which could result in a kernel warnin...
Linux Distros Unpatched Vulnerability : CVE-2023-0394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the syst...
CVE-2025-54878
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version...
Allocation of Resources Without Limits or Throttling
Overview io.netty:netty-codec-http2 is a HTTP2 sub package for the netty library, an event-driven asynchronous network application framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the improper handling of concurrently acti...
Netty affected by MadeYouReset HTTP/2 DDoS vulnerability
Below is a technical explanation of a newly discovered vulnerability in HTTP/2, which we refer to as “MadeYouReset.” MadeYouReset Vulnerability Summary The MadeYouReset DDoS vulnerability is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to brea...
GHSA-PRJ3-CCX8-P6X4 Netty affected by MadeYouReset HTTP/2 DDoS vulnerability
Below is a technical explanation of a newly discovered vulnerability in HTTP/2, which we refer to as “MadeYouReset.” MadeYouReset Vulnerability Summary The MadeYouReset DDoS vulnerability is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to brea...
CVE-2025-55163
Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent...
CVE-2025-54500
An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-54500
An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
UBUNTU-CVE-2025-55163
Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent...
CVE-2025-54500 HTTP/2 Vulnerability
An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-54500
CVE-2025-54500 describes an HTTP/2 implementation flaw that allows a DoS via malformed HTTP/2 control frames to break the max concurrent streams limit (the MadeYouReset attack). Affected products are F5 BIG-IP and BIG-IP Next families with multiple vulnerable branches; affected versions include B...
CVE-2025-54500 HTTP/2 Vulnerability
An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit HTTP/2 MadeYouReset Attack. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-55163
Netty (HTTP/2) vulnerability CVE-2025-55163: a logic flaw in HTTP/2 control frames (MadeYouReset) can bypass max concurrent streams, causing resource exhaustion and DoS. Affected: Netty versions before 4.1.124.Final and 4.2.4.Final. Impact: high availability risk; no confidentiality/integrity imp...
CVE-2025-55163 Netty MadeYouReset HTTP/2 DDoS Vulnerability
Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent...
K000152001: HTTP/2 vulnerability CVE-2025-54500
Security Advisory Description An HTTP/2 implementation flaw allows a denial-of-service DoS that uses malformed HTTP/2 control frames to break the maximum concurrent streams limit HTTP/2 MadeYouReset Attack. CVE-2025-54500 Impact This vulnerability allows a remote, unauthenticated attacker to caus...
CVE-2025-8671
A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service DoS. By opening streams and then rapidly triggering the serv...