CVE-2020-25645

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The...

CVE-2020-25645

A flaw was found in the Linux kernel. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone in between the two endpoints to read the traffic unencrypted. The main threat from this...

EulerOS 2.0 SP3 : kernel (EulerOS-SA-2020-2150)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state ...

EulerOS 2.0 SP3 : unbound (EulerOS-SA-2020-2058)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted...

Multiple packages on Sun Solaris including (1) NSS; (2) Java JDK and JRE 5.0 Update 8 and earlier SDK and JRE 1.4.x up to 1.4.2_12 and SDK and JRE 1.3.x up to 1.3.1_19; (3) JSSE 1.0.3_03 and earlier; (4) IPSec/IKE; (5) Secure Global Desktop; and (6) StarOffice when using an RSA key with exponent 3 removes PKCS-1 padding before generating a hash which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents these products from correctly verifying X.509 and other certificates that use PKCS #1.

...

Denial Of Service (DoS)

ipsec-tools:bionic is vulnerable to denial of service DoS. The racoon daemon in IPsec-Tools contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote...

DEBIAN-CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

Code injection

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

CVE-2020-1749

CVE-2020-1749 describes a flaw in the Linux kernel’s IPsec networking implementation (notably VXLAN and GENEVE tunnels over IPv6). When an encrypted tunnel is established between two hosts, tunneled data may be misrouted over the encrypted link, causing data to be sent unencrypted and potentially...

CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

openSUSE Security Update : the Linux Kernel (openSUSE-2020-1325) (Spectre)

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-3639: Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are...

SUSE SLES12 Security Update : kernel (SUSE-SU-2020:2502-1)

This update for the Linux Kernel 4.4.180-94127 fixes several issues. The following security issues were fixed : CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c bsc1173659. CVE-2020-11668: Fixed a memory...

SUSE-SU-2020:2534-1 Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19751 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-1749: Fixed a flaw in IPsec where some IPv6 protocols were not encrypted bsc1165631...

SUSE-SU-2020:2517-1 Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19745 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs bsc1174186. -...

SUSE-SU-2020:2525-1 Security update for the Linux Kernel (Live Patch 19 for SLE 15)

This update for the Linux Kernel 4.12.14-15055 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-11668: Fixed a memory corruption issue in the Xirlink camera USB driver bsc1173942. - CVE-2020-1749:...

SUSE-SU-2020:2524-1 Security update for the Linux Kernel (Live Patch 18 for SLE 15)

This update for the Linux Kernel 4.12.14-15052 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs bsc1174186. -...

SUSE-SU-2020:2502-1 Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94127 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2019-16746: Fixed a buffer overflow in net/wireless/nl80211.c bsc1173659. - CVE-2020-11668: Fixed a memory...