177 matches found
CVE-2022-30262
The CVE-2022-30262 entry concerns Emerson ControlWave ‘Next Generation’ RTUs (through 2022-05-02) with firmware updates transmitted over BSAP-IP. The vulnerability is insufficient verification of data authenticity: firmware images in CAB archives are not authenticated (no signing) and rely on ins...
CVE-2021-28505
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol...
Design/Logic Flaw
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3 port/SVI, the VXLAN rule and subsequent ACL rules in that access list will ignore the specified IP protocol...
CVE-2021-28505
On Arista EOS platforms, CVE-2021-28505 is triggered when a VXLAN match rule exists in an IPv4 ACL applied to ingress on L2/L3 ports or SVIs. The VXLAN rule and any ACL rules that follow may ignore the specified IP protocol if TCAM profile is enabled, potentially allowing or filtering traffic inc...
CVE-2021-28504 On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules (rules declared after it in ACL) do not match on IP protocol fi ...
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on “vxlan” as protocol then that rule and subsequent rules (rules declared after it in ACL) do not match on IP protocol field as expected...
CVE-2021-28504
CVE-2021-28504 affects Arista Strata/EOS platforms with TCAM profile enabled where a port IPv4 ACL rule matching VXLAN protocol causes the rule and later ACL rules to fail matching the IP protocol field. This misbehavior can lead to improper packet handling and potential traffic leakage. Arista’s...
CVE-2020-36516
A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack (MITM) performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...
PT-2021-2141
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to insufficient input validation in the implementation of the TCP/IP protocol in Windows operating systems. This can be exploited by a remote attacker to execute arbitrar...
CVE-2020-0594
Out-of-bounds read in IPv6 subsystem in Intel(R) AMT and Intel(R) ISM versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2020-10136
A flaw was found in the IP-in-IP protocol. An unauthenticated attacker can use the IP-in-IP protocol to route network traffic through a vulnerable device, which can lead to spoofing, access control bypasses, and other unexpected network behaviors. Mitigation: Systems that have IP in IP kernel...
Internet Bug Bounty: IP-in-IP protocol routes arbitrary traffic by default - CVE-2020-10136
Many machines (150K-180K) on the internet accept and route IP over IP by default. IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be encapsulated inside another IP packet. This is very similar to IPSEC VPNs in tunnel mode, except in the case of...
IP-in-IP protocol routes arbitrary traffic by default
Overview: IP Encapsulation within IP (RFC2003 IP-in-IP) can be abused by an unauthenticated attacker to unexpectedly route arbitrary network traffic through a vulnerable device. Description: IP-in-IP encapsulation is a tunneling protocol specified in RFC 2003 that allows for IP packets to be...
Denial Of Service (DoS)
The kernel is vulnerable to denial of service. A divide-by-zero flaw was found in the tcp_select_initial_window function in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to trigger a denial of service by calling setsockopt with certain options...
Use-after-free
The kernel is vulnerable to use-after-free. Due to a flaw found in the tcp_rcv_state_process function in the Linux kernel TCP/IP protocol suite implementation, if a system using IPv6 had the IPV6_RECVPKTINFO option set on a listening socket, a remote attacker could send an IPv6 packet to that system,...
Code injection
An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that support EoIPv6 are vulnerable to this attack...
The vulnerability of the Linux operating system’s kernel lies in the improper handling of a certain interaction between XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets. This allows an attacker to cause a service failure.
The vulnerability of the Linux operating system’s kernel is related to the improper handling of a certain interaction between XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2019-6815
The CVE-2019-6815 entry concerns Modicon Quantum PLCs (all firmware versions) with CWE-264 (Permissions, Privileges, and Access Control). The vulnerability arises via Ethernet/IP, enabling denial of service or unauthorized modifications of the PLC configuration due to improper access control. Doc...
Access Controls Bypass
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload (UFO)...
Denial Of Service (DoS)
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...
Privilege Escalation
The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to caus...