3840 matches found
kernel: accepting fragmented plaintext frames in protected networks
A vulnerability was found in Linux kernel, where the WiFi implementations assemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or...
kernel: Forwarding EAPOL from unauthenticated wifi client
Frames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP...
多款Qualcomm产品授权问题漏洞
The Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm, U.S.A. The QCA6574AU is a central processing unit CPU product.The SD 636 is a central processing unit CPU product.The SDM630 is a central processing unit CPU product.The SDM630 is a central processing unit CPU...
OESA-2021-1407 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check authenticity of fragmented TKIP frames. An adversary can abuse this to inject an...
CVE-2021-30302
Improper authentication of EAP WAPI EAPOL frames from unauthenticated user can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired...
CVE-2020-11303
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...
Information disclosure
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...
Authentication flaw
Improper authentication of sub-frames of a multicast AMSDU frame can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon...
Buffer overflow
Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2021-30310
Possible buffer overflow due to Improper validation of received CF-ACK and CF-Poll data frames in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...
CVE-2020-11303
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi...
CVE-2020-11303
The CVE-2020-11303 entry affects Qualcomm/Snapdragon wireless components (e.g., Snapdragon Auto, Connectivity, and IoT lines) and is caused by accepting AMSDU frames with a mismatched destination and source address, leading to information disclosure. The issue is categorized with high severity (C...
CVE-2021-31365
An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet AE interface to go down and thereby causing a Denial of Service DoS. By...
Zephyr 安全漏洞
Zephyr is an open source, small, scalable, real-time operating system. a security vulnerability exists in Zephyr, which stems from truncated L2CAP K-frames causing assertion failures. No detailed vulnerability details are available at this time...
Cisco IOS XE Software Interface Queue Wedge DoS (cisco-sa-quewedge-69BsHUBW)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability in the layer 2 punt code that allows an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service DoS condition. Thi...
Juniper Networks Junos OS 资源管理错误漏洞
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS is vulnerable to a resource management error vulnerability that arises from an...
The vulnerability of the channel-level implementation of Cisco IOS XE allows a attacker to trigger a service failure.
The vulnerability of the channel-level implementation of Cisco IOS XE is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure using specially crafted channel-level frames...
MGASA-2021-0466 Updated weechat packages fix security vulnerability
A crafted WebSocket frame could result in a crash in the weechat Relay plugin...
Qualcomm Wlan Firmware 输入验证错误漏洞
Qualcomm Wlan Firmware is a Wlan support firmware from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm WLAN that stems from incorrect validation of received CF-ACK and CF polling data frames, which could result in a buffer overflow...
In Qt through 5.14.1 the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
...