27 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001525)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001525 advisory. The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An...
EUVD-2018-18667
Malware in sbrugna...
SUSE CVE-2009-1298
The ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IPINCSTATSBH with an incorrect argument, which allows remote attackers to cause a denial of service NULL pointer dereference and hang via long IP packets, possibly...
CVE-2020-3373
A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. This memory leak could prevent traffic from...
PT-2020-4462 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions prior to the fixed version Cisco Firepower Threat Defense versions prior to the fixed version Description: The issue is related to an uncontrolled resource consumption in the software of Cisco Adapti...
zeek -- Various vulnerabilities
Jon Siwek of Corelight reports: This release fixes the following security issues: Fix potential stack overflow in NVT analyzer Fix NVT analyzer memory leak from multiple telnet authn name options Fix multiple content-transfer-encoding headers causing a memory leak Fix potential leak of Analyzers...
Cisco IOS XE Software IP Fragment Reassembly DoS (cisco-sa-20160928-frag)
According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the IPv4 fragment reassembly function due to the corruption of an internal data structure that occurs when the affected software reassembles an IPv4 packet. An unauthenticated,...
SUSE-SU-2018:3881-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15)
This update for the Linux Kernel 4.12.14-256 fixes one issue. The following security issue was fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by...
SUSE-SU-2018:3792-1 Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP2)
This update for the Linux Kernel 4.4.121-9285 fixes one issue. The following security issue was fixed: - CVE-2018-5391: Fixed a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may have caused a denial of service condition by...
kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack)
A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU...
kernel: a bug in ip_frag_reasm() can cause a crash in ip_do_fragment()
A security flaw was found in the ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel which can cause a later system crash in ipdofragment. With certain non-default, but non-rare, configuration of a victim host, an attacker can trigger this crash remotely, thus leading to a remote...
Linux kernel denial of service vulnerability (CNVD-2018-19435)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A denial of service vulnerability exists in the 'ipfragreasm' function of the net/ipv4/ipfragment.c file in Linux kernel versions 4.19-rc1 through 4.19-rc3, which can ...
CVE-2018-6923
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a remote attacker who is able to send an arbitrary ip fragments to cause the machine to consume...
FreeBSD : FreeBSD -- Resource exhaustion in IP fragment reassembly (359e1548-a652-11e8-805b-a4badb2f4699)
A researcher has notified us of a DoS attack applicable to another operating system. While FreeBSD may not be vulnerable to that exact attack, we have identified several places where inadequate DoS protection could allow an attacker to consume system resources. It is not necessary that the attack...
FreeBSD -- Resource exhaustion in IP fragment reassembly
Problem Description: A researcher has notified us of a DoS attack applicable to another operating system. While FreeBSD may not be vulnerable to that exact attack, we have identified several places where inadequate DoS protection could allow an attacker to consume system resources. It is not...
PT-2018-1834 · Palo Alto Networks +9 · Pan-Os +12
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.9 and later PAN-OS versions prior to 6.1.22 PAN-OS versions prior to 7.1.20 PAN-OS versions prior to 8.0.13 PAN-OS versions prior to 8.1.5 Arista EOS affected versions not specified vEOS affected versions not specified...
VMware Workstation NAT IP Fragment Reassembly Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...
Cisco IOS XE Software IP Fragment Reassembly Denial of Service Vulnerability
A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright...
Design/Logic Flaw
Unspecified vulnerability in the Internet Protocol IP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service panic via unknown vectors, possibly related to ICMP packets and IP fragment reassembly...
CVE-2008-1095
Unspecified vulnerability in the Internet Protocol IP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service panic via unknown vectors, possibly related to ICMP packets and IP fragment reassembly...