14 matches found
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fixed an issue where stack out-of-bounds reading occurred when fragmenting IPv4 packets. When running openvswitch on kernels built with KASAN, it is possible to observe the following error during the testing of IPv4...
SUSE CVE-2026-43036
In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...
CVE-2024-20467
A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...
CVE-2024-20467
A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...
EUVD-2024-18182
A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...
CVE-2024-20467
Cisco IOS XE Software contains a vulnerability in the IPv4 fragmentation reassembly code that could allow an unauthenticated, remote attacker to cause a DoS by sending specific sizes of fragmented packets or via a Virtual Fragmentation Reassembly (VFR) interface. Affected devices are Cisco ASR 10...
SUSE CVE-2021-46955
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...
SUSE CVE-2021-46954
In the Linux kernel, the following vulnerability has been resolved: net/sched: schfrag: fix stack OOB read while fragmenting IPv4 packets when 'actmirred' tries to fragment IPv4 packets that had been previously re-assembled using 'actct', splats like the following can be observed on kernels built...
DEBIAN-CVE-2021-46955
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...
CVE-2021-46954
In the Linux kernel, the following vulnerability has been resolved: net/sched: schfrag: fix stack OOB read while fragmenting IPv4 packets when 'actmirred' tries to fragment IPv4 packets that had been previously re-assembled using 'actct', splats like the following can be observed on kernels built...
UBUNTU-CVE-2021-46955
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...
PT-2023-9502 · Cisco · Cisco Ios Xe +2
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software versions 17.12.1 through 17.12.1a Description: The issue is related to improper management of resources during fragment reassembly in the IPv4 fragmentation reassembly code, which could allow an unauthenticated, remote...
CVE-2018-0369
A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service DoS condition. There are four instances of the npusim proces...
RoseAttackv1.txt
/-------------------------------------------------------------/ / Implementation of Rose Attack described by Gandalf . Reference: Bugtraq, 30 mars 2004, "IPv4 fragmentation, The Rose Attack" Written by Laurent Constantin Library netwib must be installed:...