13 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-46955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernel...
SAMSUNG Exynos 输入验证错误漏洞
SAMSUNG Exynos is a SoC, Arm architecture-based processor developed and manufactured by Samsung Mobile, a South Korean company. A security vulnerability exists in the Samsung Exynos Mobile Processor and Baseband Modem Processor that stems from insufficient parameter validation and could result in...
SUSE CVE-2021-3905
A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...
kernel: off-path attacker may inject data or terminate victim's TCP session
A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack MITM performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...
openvswitch: External triggered memory leak in Open vSwitch while processing fragmented packets
A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...
openvswitch: External triggered memory leak in Open vSwitch while processing fragmented packets
A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...
Apache NuttX 缓冲区错误漏洞
Apache NuttX is a real-time embedded operating system from the Apache Software Foundation.TCP Transmission Control Protocol is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by IETF RFC 793. TCP Transmission Control Protocol is a...
kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU...
Cisco Remote PHY Software Resource Management Error Vulnerability
Cisco Remote PHY Software is a digital fiber-based DOCSIS solution from Cisco. The program uses Ethernet PON EPON and metro network as the transmission network. A resource management error vulnerability exists in the IPv4 fragmentation function in Cisco Remote PHY Software. A remote attacker coul...
CVE-2018-5391
creationtimestamp| type| source ---|---|--- 2018-10-04 07:29:19+00:00| seen| https://t.me/securixykz/19 2018-12-31 08:38:43+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-ip-pakettien-pilkkomisen-toteutuksissa...
UBUNTU-CVE-2017-7177
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching...
Tengen Controls Model T-920 PLC IP Segmentation Syntax Denial of Service Vulnerability
T920 is an all-in-one, industrial-grade, high-performance programmable controller from TengControl Technology. A denial of service vulnerability exists in the IP fragmentation syntax of the Tengen T-920 PLC. An attacker can test its fragmentation reorganization capability by sending a data frame...
PT-1999-1114 · Linux · Linux
Name of the Vulnerable Software and Affected Versions: Linux versions 2.2.3 and earlier Description: The issue allows a remote attacker to perform an IP fragmentation attack, causing a denial of service. Recommendations: For Linux versions 2.2.3 and earlier, at the moment, there is no information...