2803 matches found
Debian: Security Advisory (DLA-2417-1)
The remote host is missing an update for the Debian...
Debian DLA-2417-1 : linux-4.19 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks. CVE-2020-12351 Andy Nguyen discovered a flaw in the Bluetooth implementation in the way L2CAP packets with A2MP CID are...
F5 Networks BIG-IP : F5 IPsec vulnerability (K76610106)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.0. It is, therefore, affected by a vulnerability as referenced in the K76610106 advisory. When negotiating IPsec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the...
Amazon Linux 2 : kernel (ALAS-2020-1520)
The version of kernel installed on the remote host is prior to 4.14.200-155.322. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1520 advisory. A flaw was found in the Linux kernel. When changing screen size, an out-of-bounds memory write can occur leading t...
Unspecified Vulnerability in Juniper Networks Junos OS (CNVD-2021-28794)
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS contains a security vulnerability that can be exploited by an attacker to trigger a denial of...
EulerOS Virtualization 3.0.2.2 : unbound (EulerOS-SA-2020-2195)
According to the version of the unbound package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2020-2195)
The remote host is missing an update for the Huawei EulerOS...
openSUSE: Security Advisory for the (openSUSE-SU-2020:1698-1)
The remote host is missing an update for the...
openSUSE Security Update : the Linux Kernel (openSUSE-2020-1698)
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' bsc1177724. - CVE-2020-24490: Fixed a heap buffer overflow when...
[SECURITY] [DSA 4774-1] linux security update
Debian Security Advisory DSA-4774-1, https://www.debian.org/security/, Salvatore Bonaccorso, October 19, 2020, https://www.debian.org/security/faq ...
CVE-2020-1657
On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established, thereby causing a failure to set up the IPSec channel. Sustained receipt of these...
Design/Logic Flaw
On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established, thereby causing a failure to set up the IPSec channel. Sustained receipt of these...
CVE-2020-1657
Affected software: Juniper Junos OS on SRX Series. The vulnerability is in the key-management-daemon (kmd): before an SA is established, spoofed IPSec packets can disrupt IPSec setup and cause DoS. Affected releases include 12.3X48 (before 12.3X48-D90), 15.1X49 (before 15.1X49-D190), 17.4 (before 17.4R2-S...
CVE-2020-1657 Junos OS: SRX Series: An attacker sending spoofed packets to IPSec peers may cause a Denial of Service.
On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established, thereby causing a failure to set up the IPSec channel. Sustained receipt of these...
CVE-2020-25645
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The...
Design/Logic Flaw
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The...
CVE-2020-25645
Summary: CVE-2020-25645 describes a confidentiality flaw in the Linux kernel’s GENEVE tunnel code when IPsec is used to encrypt traffic for the tunnel’s UDP port. In kernels before 5.9-rc7, traffic between two Geneve endpoints may be left unencrypted, allowing an attacker between the endpoints to...