352 matches found
SUSE CVE-2025-38413
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
CVE-2025-27057
Transient DOS while handling beacon frames with invalid IE header length...
CVE-2025-27057
CVE-2025-27057 is a Qualcomm WLAN/IEEE 802.11-related issue where a transient Denial of Service can occur while processing beacon frames that contain an invalid Information Element header length. The CVE entry lists a network attack vector with no user interaction and a high availability impact, ...
web-push crate 安全漏洞
web-push crate is a library for Rust by the individual developer Julius de Bruijn. A security vulnerability exists in web-push crate versions prior to 0.10.3, which stems from a large integer in the Content-Length header that could lead to a denial of service...
SUSE CVE-2025-38053
In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. skb header length is compared with the hardware supported value received from the device control plane. The value is stored in the...
DEBIAN-CVE-2025-38053
In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. skb header length is compared with the hardware supported value received from the device control plane. The value is stored in the...
UBUNTU-CVE-2025-38053
In the Linux kernel, the following vulnerability has been resolved: idpf: fix null-ptr-deref in idpffeaturescheck idpffeaturescheck is used to validate the TX packet. skb header length is compared with the hardware supported value received from the device control plane. The value is stored in the...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvmetcprecvpdu nvmetcprecvpdu doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...
CVE-2024-53019
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources...
CVE-2024-53019
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources...
CVE-2024-53019 Buffer Over-read in Data Network Stack & Connectivity
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources...
CVE-2024-53019 Buffer Over-read in Data Network Stack & Connectivity
Information disclosure may occur while decoding the RTP packet with improper header length for number of contributing sources...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets, which stems from an improper header length when decoding RTP packets could lead to information disclosure...
CVE-2025-37943
CVE-2025-37943 affects the Linux kernel wireless driver ath12k (DP_RX_DECAP_TYPE_NATIVE_WIFI). The issue is an invalid data access when hardware delivers packets with a length exceeding the maximum native Wi‑Fi header, potentially causing memory corruption in ath12k_dp_rx_h_undecap_nwifi. The adv...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix potential crash in nfsendreset6 I got a syzbot report without a repro 1 crashing in nfsendreset6 I think the issue is that dev-hardheaderlen is zero, and we attempt later to push an Ethernet header. U...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...
kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
An unchecked buffer bounds flaw was found in the Linux kernel's NVMe TCP Fabrics driver. An attacker with the ability to send a crafted packet to an affected NVMe host could exploit this flaw to alter kernel memory, leading to an escalation of privileges or a compromise of system integrity or...