Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: openvswitch: Fixed an issue where stack out-of-bounds reading occurred when fragmenting IPv4 packets. When running openvswitch on kernels built with KASAN, it is possible to observe the following error during the testing of IP...

SUSE CVE-2026-43036

In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...

CVE-2024-20467

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...

The vulnerability of the IPv4 Fragmentation Handler component in Cisco IOS XE router operating systems such as Cisco ASR 1000 and Cisco cBR-8 allows a attacker to cause a service failure.

The vulnerability of the IPv4 Fragmentation Handler component in Cisco IOS XE routers of the Cisco ASR 1000 and Cisco cBR-8 family is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2024-20467

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...

EUVD-2024-18182

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...

CVE-2024-20467

Cisco IOS XE Software contains a vulnerability in the IPv4 fragmentation reassembly code that could allow an unauthenticated, remote attacker to cause a DoS by sending specific sizes of fragmented packets or via a Virtual Fragmentation Reassembly (VFR) interface. Affected devices are Cisco ASR 10...

SUSE CVE-2021-46955

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...

SUSE CVE-2021-46954

In the Linux kernel, the following vulnerability has been resolved: net/sched: schfrag: fix stack OOB read while fragmenting IPv4 packets when 'actmirred' tries to fragment IPv4 packets that had been previously re-assembled using 'actct', splats like the following can be observed on kernels built...

CVE-2021-46954

In the Linux kernel, the following vulnerability has been resolved: net/sched: schfrag: fix stack OOB read while fragmenting IPv4 packets when 'actmirred' tries to fragment IPv4 packets that had been previously re-assembled using 'actct', splats like the following can be observed on kernels built...

DEBIAN-CVE-2021-46955

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...

UBUNTU-CVE-2021-46955

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...

PT-2023-9502 · Cisco · Cisco Ios Xe +2

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software versions 17.12.1 through 17.12.1a Description: The issue is related to improper management of resources during fragment reassembly in the IPv4 fragmentation reassembly code, which could allow an unauthenticated, remote...

CVE-2018-0369

A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service DoS condition. There are four instances of the npusim proces...

RoseAttackv1.txt

/-------------------------------------------------------------/ / Implementation of Rose Attack described by Gandalf . Reference: Bugtraq, 30 mars 2004, "IPv4 fragmentation, The Rose Attack" Written by Laurent Constantin Library netwib must be installed:...