Oracle Linux 8 : kernel (ELSA-2024-7000)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-7000 advisory. - wifi: mac80211: Avoid address calculations via out of bounds array indexing Michal Schmidt RHEL-51278 CVE-2024-41071 - protect the fetch of -fdfd in...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

EulerOS 2.0 SP8 : golang (EulerOS-SA-2024-2468)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the...

The vulnerability of the confidentiality function of Fenced Frames in Microsoft Edge and Google Chrome browsers allows a perpetrator to compromise data integrity.

The vulnerability of the Fenced Frames privacy function in Microsoft Edge and Google Chrome is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability allows a remote attacker to compromise data integrity through a specially created HTML pag...

PT-2024-36917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the wifi driver rtw88. When removing kernel modules, the driver uses skb queue purge to purge TX skb but does not report ...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

CVE-2024-20317

A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System NCS platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service DoS condition. This...

CVE-2024-20317 Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability

A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System NCS platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service DoS condition. This...

CVE-2024-20317 Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability

A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System NCS platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service DoS condition. This...

CVE-2024-20317

CVE-2024-20317 concerns Cisco IOS XR Software across Cisco NCS platforms where mishandling and misclassification of specific Ethernet frames allows an unauthenticated adjacent attacker to drop critical-priority packets, causing a denial of service. The underlying issue is improper classification ...

Cisco IOS XR Software Network Convergence System Denial of Service Vulnerability

A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System NCS platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service DoS condition. This...

Cisco IOS XR 安全漏洞

Cisco IOS XR is a set of operating systems developed by the American company Cisco for its network equipment. A security vulnerability exists in Cisco IOS XR that stems from misclassification of certain types of Ethernet frames received on the interface...

PT-2024-18647 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software for various Cisco Network Convergence System NCS platforms affected versions not specified Description: A vulnerability in the handling of specific Ethernet frames could allow an unauthenticated, adjacent attacker to cau...

kernel: virtio-net: tap: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service DoS attack...

PT-2024-25093 · Unknown · Qualcomm Technologies

Name of the Vulnerable Software and Affected Versions: Qualcomm Technologies, Inc. products affected versions not specified Description: The issue is related to a Transient Denial of Service DOS that occurs while parsing MBSSID during the generation of a new Information Element IE in beacon or...

kernel: virtio-net: tun: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

HTTP/2: flood using SETTINGS frames results in unbounded memory growth

A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability...

kernel: virtio-net: tun: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...