dnsmasq: default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232

A flaw was found in Dnsmasq. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...

kernel: out-of-bounds write in qfq_change_class function

An out-of-bounds memory access flaw was found in the Linux kernel’s traffic control QoS subsystem in how a user triggers the qfqchangeclass function with an incorrect MTU value of the network device used as lmax. This flaw allows a local user to crash or potentially escalate their privileges on t...

kernel: Linux kernel: Denial of Service via malicious MTU negotiation in TIPC

A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC protocol. A malicious peer can exploit this by sending a specially crafted Activate message with a very small Maximum Transmission Unit MTU value during link MTU negotiation. This can lead to an integer overflow,...

Kernel: a USB-accessible slab-out-of-bounds read in brcmfmac

A slab-out-of-bound read problem was found in brcmfgetassocies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when associnfo-reqlen data is bigger than the size of the buffer, defined as WLEXTRABUFMAX, leading to a denial of service...

PT-2025-41113

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the skb copy ubufs function related to TCP handling and large TCP segments BIG TCP. A crash can occur when using TCP zerocopy with hugepages and skb...

java-1.8.0-openjdk security update

1:1.8.0.392.b08-3.0.1 - Update to shenandoah-jdk8u392-b08 GA - OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 - OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - A...

java-1.8.0-openjdk security update

1:1.8.0.392.b08-4.0.1 - Update to shenandoah-jdk8u392-b08 GA - OpenJDK: segmentation fault in ciMethodBlocks CVE-2022-40433 - OpenJDK: IOR deserialization issue in CORBA 8303384 CVE-2023-22067 - OpenJDK: certificate path validation issue during client authentication 8309966 CVE-2023-22081 - A...

Borrower cannot change the maximum supply

Lines of code Vulnerability details Impact Maximum supply cannot be increased and by extension the max deposit limit too. Proof of Concept WildcatMarketConfig@setMaxTotalSupply is only callable by the WildcatMarketController but is not used anywhere there. WildcatMarketConfig.sol function...

UBUNTU-CVE-2023-46120

The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. maxBodyLebgth was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may...

Denial Of Service (DoS)

amqp-client is vulnerable to Denial Of Service DoS. The vulnerability exists because the library does not incorporate the maximum inbound message size into the ConnectionFactory. As a result, an attacker can potentially cause an application crash by sending excessively large messages, leading to ...

UBUNTU-CVE-2023-45677

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if len read in startdecoder is a negative number and setupmalloc successfully allocates memory in that case, but memor...

php: 1-byte array overrun in common path resolve code

A vulnerability was found in PHP. This security issue occurs because the core path resolution function allocates a buffer one byte small. Resolving paths with lengths close to the system MAXPATHLEN setting may lead to the byte after the allocated buffer being overwritten with a NULL value, which...

Exploit for Uncontrolled Resource Consumption in Ietf Http

HTTP2 Rapid Reset Attack: CVE-2023-44487 Quick exploit to test...

DEBIAN-CVE-2023-45871

An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU...

UBUNTU-CVE-2023-45871

An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in versions of Linux kernel prior to 6.5.3, which stems from a buffer size that may be insufficient for frames larger than the MTU...

CVE-2023-36841

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service DoS. An attacker who sends malformed TCP...

AZL-35514 CVE-2023-39325 affecting package kata-containers for versions less than 3.2.0.azl2-1

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

AZL-34544 CVE-2023-39325 affecting package application-gateway-kubernetes-ingress for versions less than 1.7.7-1

A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a ne...

UBUNTU-CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...