17 matches found
CVE-2026-10639
In Zephyr's native IPv4 stack, icmpv4handleechorequest in subsys/net/ip/icmpv4.c builds an echo-reply packet reply, hands it to nettrysenddata, and then, on success, calls netstatsupdateicmpsentnetpktifacereply. nettrysenddata transfers ownership of reply to the TX path netiftryqueuetx - netiftx ...
CVE-2026-10640 Use-after-free reading `net_pkt` `iface` after send in IPv6 Neighbor Discovery (`ipv6_nbr.c`)
Zephyr's IPv6 Neighbor Discovery send paths netipv6sendna, netipv6sendns, netipv6sendrs in subsys/net/ip/ipv6nbr.c updated the per-interface ICMP-sent statistics by calling netpktifacepkt after netsenddatapkt had already returned successfully. On the success path the network stack owns and releas...
CVE-2026-10639 Use-after-free reading `net_pkt_iface()` of a sent ICMPv4 echo-reply packet in `icmpv4_handle_echo_request()`
In Zephyr's native IPv4 stack, icmpv4handleechorequest in subsys/net/ip/icmpv4.c builds an echo-reply packet reply, hands it to nettrysenddata, and then, on success, calls netstatsupdateicmpsentnetpktifacereply. nettrysenddata transfers ownership of reply to the TX path netiftryqueuetx - netiftx ...
UBUNTU-CVE-2024-42162
In the Linux kernel, the following vulnerability has been resolved: gve: Account for stopped queues when reading NIC stats We now account for the fact that the NIC might send us stats for a subset of queues. Without this change, gvegetethtoolstats might make an invalid access on the...
CVE-2024-42108 net: rswitch: Avoid use-after-free in rswitch_poll()
In the Linux kernel, the following vulnerability has been resolved: net: rswitch: Avoid use-after-free in rswitchpoll The use-after-free is actually in rswitchtxfree, which is inlined in rswitchpoll. Since skb and gq-skbsgq-dirty are in fact the same pointer, the skb is first freed using...
SUSE CVE-2015-2189
Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...
CVE-2022-22207
A Use After Free vulnerability in the Advanced Forwarding Toolkit AFT manager process aftmand of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric AF interface statistics and thereby a Denial of Service DoS...
CVE-2022-22207
A Use After Free vulnerability in the Advanced Forwarding Toolkit AFT manager process aftmand of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric AF interface statistics and thereby a Denial of Service DoS...
Cisco HyperFlex Software Data Forgery Issue Vulnerability
Cisco HyperFlex is Cisco's hyperconverged infrastructure HCI platform built to meet the needs of multi-cloud IT, supporting any application, anywhere, with a simple hyperconverged infrastructure. A counter value injection vulnerability exists in the Statistics Information Collection Service in...
CVE-2017-10611
If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can result in an extended...
wireshark: The pcapng file parser could crash (wnpa-sec-2015-08)
Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...
wireshark: The pcapng file parser could crash (wnpa-sec-2015-08)
Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...
DEBIAN-CVE-2015-2189
Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...
Out-of-bounds
Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...
CVE-2015-2189
Off-by-one error in the pcapngread function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service out-of-bounds read and application crash via an invalid Interface Statistics Block ISB interfa...
CVE-2000-0873
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities...
aix allows clearing the interface stats
hallo, aix versions 4.x.x will let a non-priveledged user clear the network interface statistics, thus annoying system administrators and interfering with the system scripts that depend on those numbers :- $ netstat -in -- shows stats $ netstat -Zi -- clears them without checking the uid ibm was...