CVE-2023-22417

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is...

Design/Logic Flaw

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is...

Design/Logic Flaw

An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service DoS. On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an...

CVE-2023-22417 Junos OS: SRX Series: A memory leak might be observed in IPsec VPN scenario leading to an FPC crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, which results in a denial of service due to improper checkin...

CVE-2023-22417

CVE-2023-22417 affects Juniper Networks Junos OS on SRX Series, where the Flow Processing Daemon (flowd) can leak memory in IPsec VPN scenarios when DH/ECDH groups are configured, potentially crashing the flowd process and causing DoS. Affected versions include SRX/JunOS releases prior to the fix...

CVE-2023-22413

CVE-2023-22413 affects Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC, where an IPsec6 tunnel can trigger the Multiservices PIC Management Daemon (mspmand) to core and restart when processing specific IPv4 packets. This causes an FPC crash and impacts traffic while mspmand restarts,...

CVE-2023-22417 Junos OS: SRX Series: A memory leak might be observed in IPsec VPN scenario leading to an FPC crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon flowd of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is...

PT-2023-2548 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions prior to 19.4R3-S9 Juniper Networks Junos OS on MX Series version 20.1R3-S5 and later versions Juniper Networks Junos OS on MX Series versions prior to 20.2R3-S5 Juniper Networks Junos OS on MX...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1102)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2023-1126)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sltxtimeout in...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-1037)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsockconnect of the file...

CVE-2018-25062

A vulnerability classified as problematic has been found in flar2 ElementalX up to 6.x on Nexus 9. Affected is the function xfrmdumppolicydone of the file net/xfrm/xfrmuser.c of the component ipsec. The manipulation leads to denial of service. Upgrading to version 7.00 is able to address this...

CVE-2018-25062 flar2 ElementalX ipsec xfrm_user.c xfrm_dump_policy_done denial of service

A vulnerability classified as problematic has been found in flar2 ElementalX up to 6.x on Nexus 9. Affected is the function xfrmdumppolicydone of the file net/xfrm/xfrmuser.c of the component ipsec. The manipulation leads to denial of service. Upgrading to version 7.00 is able to address this...

CVE-2018-25062

CVE-2018-25062 affects flar2 ElementalX up to 6.x on Nexus 9. The issue is in the ipsec component, specifically the function xfrm_dump_policy_done in net/xfrm/xfrm_user.c, whose manipulation can cause a denial of service. A fix is available: upgrade to ElementalX 7.00 (patch 1df72c9f0f61304437f4f...

CVE-2018-25062 flar2 ElementalX ipsec xfrm_user.c xfrm_dump_policy_done denial of service

A vulnerability classified as problematic has been found in flar2 ElementalX up to 6.x on Nexus 9. Affected is the function xfrmdumppolicydone of the file net/xfrm/xfrmuser.c of the component ipsec. The manipulation leads to denial of service. Upgrading to version 7.00 is able to address this...

PT-2023-10803 · Unknown +1 · Flar2 Elementalx +1

Name of the Vulnerable Software and Affected Versions: flar2 ElementalX versions up to 6.x Description: A problematic vulnerability has been found, affecting the function xfrm dump policy done of the file net/xfrm/xfrm user.c of the component ipsec. The manipulation leads to denial of service...

SUSE SLES15 Security Update : kernel (Live Patch 24 for SLE 15 SP2) (SUSE-SU-2022:4587-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4587-1 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The...

SUSE SLES15 Security Update : kernel (Live Patch 26 for SLE 15 SP2) (SUSE-SU-2022:4580-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4580-1 advisory. - A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function...

SUSE SLES12 Security Update : kernel (Live Patch 25 for SLE 12 SP4) (SUSE-SU-2022:4595-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4595-1 advisory. - A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The...