openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::NetworkData::ServiceTlv::IsThreadEnterprise

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=6188652393660416 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type:...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::NetworkData::ServiceTlv::GetServiceDataLength

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5433723441905664 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type:...

kernel: Integer overflow in ip6_find_1stfragopt() causes infinite loop

An integer overflow vulnerability in ip6find1stfragopt function was found. A local attacker that has privileges of CAPNETRAW to open raw socket can cause an infinite loop inside the ip6find1stfragopt function...

CVE-2017-12985

CVE-2017-12985 affects tcpdump’s IPv6 parser. The description in the CVE notes a buffer over-read in ip6_print() within print-ip6.c, and connected advisories confirm tcpdump before 4.9.2 is vulnerable. Impact is described as potential exposure via memory overread, with CVSS v3.0/3.1 vectors indic...

CVE-2017-12985

The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6print...

openthread: Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=4750024565063680 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type:...

Virtuozzo 7 : readykernel-patch (VZA-2017-078)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and...

PT-2019-1113 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.11 Linux kernel versions 4.9.x before 4.9.187 Description: An issue was discovered in the Linux kernel that allows an attacker to control a pointer in kernel land and cause a general protection fault, or...

BSA-2017-343

Security Advisory ID : BSA-2017-343 Component : Kernel Revision : 3.0: Final The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite ofanskbdata structure may occur, which allows local users to cause a denial of service...

Linux kernel 'ip6_gre.c' denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel. An attacker could exploit this vulnerability to cause a denial of service...

Buffer overflow

The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6print...

CVE-2017-5204

The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6print...

The vulnerability of the Linux operating system allows a malicious individual to gain access to confidential information from the kernel’s stack memory.

A vulnerability exists in the l2tpip6getname function in the Linux kernel’s net/l2tp/l2tpip6.c file, due to incorrect return values under certain circumstances. Exploiting this vulnerability allows local users to access confidential information from the kernel’s stack memory, using a specially...

UBUNTU-CVE-2014-2309

The ip6routeadd function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service memory consumption via a flood of ICMPv6 Router Advertisement packets...

[SECURITY] Fedora 19 Update: socat-1.7.2.2-1.fc19

Socat is a relay for bidirectional data transfer between two independent da ta channels. Each of these data channels may be a file, pipe, device serial l ine etc. or a pseudo terminal, a socket UNIX, IP4, IP6 - raw, UDP, TCP, an SSL socket, proxy CONNECT connection, a file descriptor stdin etc.,...

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...

kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace

net/ipv6/netfilter/ip6tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by...