Linux Distros Unpatched Vulnerability : CVE-2015-8215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent...

CVE-2024-36901 ipv6: prevent NULL dereference in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

CLSA-2024-1716270232 Fix of 48 CVEs

CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmfcfg80211detach CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in...

Medium: kernel

Issue Overview: An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in dodivsz,mtd-erasesize, used indirectly by ctrlcdevioctl, when mtd-erasesize is 0. CVE-2023-31085 A flaw in the kernel Xen event handler can cause a deadlock with Xen conso...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2019-4317)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4317 advisory. - ipv6: tcp: add rcu locking in tcpv6sendsynack Eric Dumazet Orabug: 25059185 CVE-2016-3841 - ipv6: add complete rcu protection around np-opt Eric...

Security Bulletin: IBM b-type SAN Network/Storage switches is affected by a denial of service vulnerability, caused by a CPU consumption in the IPv6 stack (CVE-2017-6227).

Summary IBM b-type SAN Network/Storage switches has addressed the following vulnerability. Fabric OS is vulnerable to a denial of service, caused by a CPU consumption in the IPv6 stack. By sending-crafted Router Advertisement RA messages, a remote attacker could exploit this vulnerability to caus...

K16562029: Linux kernel vulnerability CVE-2016-3841

Security Advisory Description The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call.CVE-2016-3841 Impact There is no impact; F5 products ar...

SUSE CVE-2016-3841

The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...

SUSE CVE-2020-25112

An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet...

[SECURITY] [DLA 3244-1] linux-5.10 security update

Debian LTS Advisory DLA-3244-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings December 20, 2022 https://wiki.debian.org/LTS Package : linux-5.10 Version : 5.10.158-2deb10u1 CVE ID : CVE-2021-3759 CVE-2022-3169 CVE-2022-3435 CVE-2022-3521 CVE-2022-3524 CVE-2022-3564...

Siemens Nucleus Products IPv6 Stack Denial of Service Vulnerability

The Nucleus NET module includes a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device.Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for...

Siemens Nucleus Products IPv6 Stack

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens --------- Begin Update A Part 1 of 3 --------- Equipment: Capital VSTAR, Nucleus NET, Nucleus ReadyStart v3, Nucleus ReadyStart v4, Nucleus Source Code --------- End Update A Part 1 of 3...

Siemens Nucleus Product IPv6 Stack Denial of Service Vulnerability (CNVD-2021-28696)

The Nucleus NET module includes a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device.Nucleus RTOS provides a highly scalable microkernel-based real-time operating system designed for...

Contiki Denial of Service and Remote Code Execution Vulnerabilities

Contiki is an open source, highly portable, networked multitasking operating system for memory-constrained systems. A denial of service and remote code execution vulnerability exists in the IPv6 stack in Contiki 3.0 and earlier versions. The vulnerability stems from inconsistent checking of the...

Contiki Denial of Service and Remote Code Execution Vulnerability (CNVD-2021-29452)

Contiki is an open source, highly portable, networked multitasking operating system for memory-constrained systems. A denial of service and remote code execution vulnerability exists in the IPv6 stack in Contiki 3.0 and earlier versions. The vulnerability stems from insufficient checking of the...

uIP-Contiki-OS 缓冲区错误漏洞

Contiki is an open source, highly portable, networked multitasking operating system for memory-constrained systems. A denial of service and remote code execution vulnerability exists in the IPv6 stack in Contiki 3.0 and earlier versions. The vulnerability stems from inconsistent checking of the...

Treck IPv6 stack input validation error vulnerability

Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. An input validation error vulnerability exists in the Treck IPv6 stack. The vulnerability arises from a network system or product that does not properl...

Design/Logic Flaw

The Neighbor Discovery ND protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hoplimit value in a Router Advertisement RA message...

CVE-2015-2923

Summary: CVE-2015-2923 affects FreeBSD’s IPv6 Neighbor Discovery (ND) implementation up to 10.1. A remote attacker on the local network can cause a router advertisement to reconfigure the Current Hop Limit, potentially disrupting IPv6 traffic to other nodes on a different network. The CVSS3.1 vec...

CVE-2019-5611

In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbufs could cause data returned not to be contiguou...