34 matches found
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
Juniper Junos OS Vulnerability (JSA73154)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73154 advisory. - An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a...
CVE-2020-36789
In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls cangetechoskb during a hardware IRQ which is often, but not always, the case, the 'WARNONinirq' in net/core/skbuff.cskbreleaseheadstate might...
CVE-2020-36789
In the Linux kernel, the following vulnerability has been resolved: can: dev: cangetechoskb: prevent call to kfreeskb in hard IRQ context If a driver calls cangetechoskb during a hardware IRQ which is often, but not always, the case, the 'WARNONinirq' in net/core/skbuff.cskbreleaseheadstate might...
CVE-2020-36789
The CVE-2020-36789 entry pertains to the Linux kernel CAN stack. A driver calling can_get_echo_skb() in hardware IRQ context could trigger WARN_ON(in_irq) in skb_release_head_state() under congestion, risking NULL pointer dereference. Root cause: kfree_skb() used instead of the IRQ-safe path in n...
Denial-of-Service (DoS)
github.com/hashicorp/yamux is vulnerable to a Denial-of-Service DoS. The vulnerability is due to improper handling of connection timeouts due to Stream.Read calls hanging indefinitely if a corresponding Stream.Write call times out under network congestion, leading to stalled sessions and requirin...
GHSA-29QP-CRVH-W22M Withdrawn Advisory: github.com/hashicorp/yamux's DefaultConfig has dangerous defaults causing hung Read
Withdrawn Advisory This advisory has been withdrawn because further research determined that github.com/hashicorp/yamux was not vulnerable to denial of service in the manner described. This link is maintained to preserve external references. Original Description The default values for...
Withdrawn Advisory: github.com/hashicorp/yamux's DefaultConfig has dangerous defaults causing hung Read
Withdrawn Advisory This advisory has been withdrawn because further research determined that github.com/hashicorp/yamux was not vulnerable to denial of service in the manner described. This link is maintained to preserve external references. Original Description The default values for...
GO-2025-3408 WITHDRAWN: DefaultConfig has dangerous defaults causing hung Read in github.com/hashicorp/yamux
This report has been withdrawn with reason: "By request of maintainer in https://github.com/golang/vulndb/issues/3453". The default values for Session.config.KeepAliveInterval and Session.config.ConnectionWriteTimeout of 30s and 10s create the possibility for timed out writes that most aren't...
PT-2025-5630 · Hashicorp · Yamux
Name of the Vulnerable Software and Affected Versions: github.com/hashicorp/yamux affected versions not specified Description: The issue concerns a potential denial of service due to timed out writes. When the default values for Session.config.KeepAliveInterval and...
PT-2025-5649 · Go · Go
Name of the Vulnerable Software and Affected Versions: go affected versions not specified Description: The issue arises from the default values of Session.config.KeepAliveInterval and Session.config.ConnectionWriteTimeout, which can cause timed out writes that are not handled properly by readers...
kernel: tcp: avoid too many retransmit packets
A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...
kernel: tcp: avoid too many retransmit packets
A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...
kernel: tcp: avoid too many retransmit packets
A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...
kernel: tcp: avoid too many retransmit packets
A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...
Insufficient Gas Fee Estimation Leading to Incomplete Transactions
Lines of code Vulnerability details The contract allows a user to send Ether, presumably for transaction fees or gas. However, there is no mechanism in place to verify that the msg.value is sufficient to cover the actual gas cost for contract execution. Consequently, a scenario could arise where...
SETTING block.timestamp AS THE DEADLINE COULD LEAD TO HIGHER RATE OF FAILED TRANSACTIONS
Lines of code Vulnerability details Impact The OptionsPositionManager.swapExactTokensForTokens function is used to swap assets for exact assets. Here the exact amount of source token is swapped for an amount of target token. The function uses the IUniswapV2Router01.swapExactTokensForTokens call f...
Choosing a cheap gas lane may result in no winners
Lines of code Vulnerability details Impact The drawer can choose whichever gas lanekeyHash they like. Giving this choice to the drawer may result in no winners if the network is congested and the drawer chooses a cheap gas lane. Recommended Mitigation Steps Check the options of keyHashes that can...
Price Feed is not checked for freshness and may report old / incorrect value
Lines of code Vulnerability details Price Feed is not checked for freshness In times of network conjestion, the priceFeed may take longer than expected to update, and the price may take longer than usual to update, in order to ensure the latest price is fresh within update window, you should veri...
Fulfill transactions that are not protected with a deadline may lead to unfavorable trade.
Lines of code Vulnerability details Impact A fulfill transaction of order with descending/ascending amount should be protected by the deadline. The price of an order with a descnding amount is sensitive to the time. Letting users make such a trade without providing the deadline would lead to...