631 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fixed a possible out-of-bounds access in gsm0receive Assuming the following conditions: - Side A configures ngsm in basic option mode. - Side B sends a frame with a basic option mode header, where the data length is 1....
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: “Revert ‘tty: ngsm: fix UAF in gsmcleanupmux’” This reversion involves commit 9b9c8195f3f0d74a826077fc1c01b9ee74907239. The above commit was reverted because it did not solve the original issue. The gsmcleanupmux function attempt...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: tty: ngsm: Fixed a use-after-free in gsmcleanupmux. Bug: KASAN: Slab-use-after-free in gsmcleanupmux+0x77b/0x7b0. drivers/tty/ngsm.c:3160 ngsm Read of size 8 at addr ffff88815fe99c00 by task poc/3379. CPU: 0; UID: 0; PID: 3379...
CVE-2026-8266
A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...
EUVD-2026-29050
A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsmhandlepdusessionmodificationqosflowdescriptions of the file src/smf/gsm-handler.c of the component SMF. Executing a manipulation of the argument n1SmMsg can lead to denial of service. The attack may be launched...
CVE-2026-8288 Open5GS SMF gsm-handler.c denial of service
A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsmhandlepdusessionmodificationqosflowdescriptions of the file src/smf/gsm-handler.c of the component SMF. Executing a manipulation of the argument n1SmMsg can lead to denial of service. The attack may be launched...
CVE-2026-8288
Open5GS SMF vulnerability CVE-2026-8288 affects the gsm_handle_pdu_session_modification_qos_flow_descriptions function in gsm-handler.c. Input manipulation of n1SmMsg can trigger a denial of service, with remote exploitation and a publicly disclosed exploit. A fix is proposed in a pull request aw...
CVE-2026-8288
A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsmhandlepdusessionmodificationqosflowdescriptions of the file src/smf/gsm-handler.c of the component SMF. Executing a manipulation of the argument n1SmMsg can lead to denial of service. The attack may be launched...
EUVD-2026-29023
A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsmbuildpdusessionestablishmentaccept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. The attack can be launched remotely. The exploit is now public and may be used...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
A race condition was detected in the GSM 0710 tty multiplexor within the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled. It can lead to a use-after-free issue with the struct gsmdlci during the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, requiring CAPNETADMIN for the initial namespace...
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: added a sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can occur when attempting to access the “gsm-receive” function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Do not block the input queue by waiting for the MSC response Currently, the gsmqueue function processes incoming frames. When opening a DLC channel, it calls gsmdlciopen, which in turn calls gsmmodemupdate. If the basi...
SUSE CVE-2026-6870
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
Wireshark 2.4.x < 2.4.7 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.7 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was...
Wireshark 2.2.x < 2.2.15 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.2.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.15 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in...
Wireshark 4.4.x < 4.4.15 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 4.4.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.4.15 advisory. - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of servic...
Wireshark 4.4.x < 4.4.15 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 4.4.15. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.4.15 advisory. - RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial ...
CVE-2026-6870
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...
CVE-2026-6870 Access of Uninitialized Pointer in Wireshark
GSM RP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...