Lucene search
K

58 matches found

redhat
redhat
added 2025/07/29 5:1 p.m.5 views

kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...

5.5CVSS7.1AI score0.00369EPSS
Exploits3References5
redhat
redhat
added 2025/07/29 5:1 p.m.13 views

kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc

A use-after-free vulnerability has been identified in the Linux kernel's HFSC Hierarchical Fair Service Curve queuing discipline when it is configured with NETEM Network Emulation as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state...

7.8CVSS7.3AI score0.00164EPSS
Exploits0References5
packetstormnews
packetstormnews
added 2025/07/22 12:0 a.m.5 views

Analysis of Post-Quantum Cryptography in User Equipment in 5G and Beyond

The advent of quantum computing threatens the security of classical public-key cryptographic systems, prompting the transition to post-quantum cryptography PQC. While PQC has been analyzed in theory, its performance in practical wireless communication environments remains underexplored. This pape...

6.9AI score
Exploits0
mscve
mscve
added 2025/07/11 7:0 a.m.5 views

net_sched: drr: Fix double list add in class with netem as child qdisc

...

7CVSS7.4AI score0.00166EPSS
Exploits0
osv
osv
added 2025/07/10 8:25 a.m.8 views

SUSE-SU-2025:2264-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2021-47557: net/sched: schets: do not peek at classes beyond 'nbands' bsc1207361 bsc1225468. - CVE-2021-47595: net/sched: schets: do not remove idle classes from...

7.8CVSS6.7AI score0.12746EPSS
Exploits16References548
osv
osv
added 2025/06/06 2:15 p.m.4 views

DEBIAN-CVE-2025-38001

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch 141d34391abbb315d68556b7c67ad97885407547 1 can be bypassed, and a UAF can still occur when HFSC ...

5.5CVSS5.6AI score0.00369EPSS
Exploits3References1
suse
suse
added 2025/04/17 10:19 a.m.7 views

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 CVE-2024-46815: Fixed drm/amd/display: check numvalidsets befor...

8.6CVSS7.5AI score0.03301EPSS
Exploits1References32
osv
osv
added 2025/04/17 10:3 a.m.4 views

SUSE-SU-2025:20188-1 Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: - CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 - CVE-2024-46818: Fixed drm/amd/display: check gpioid before used as array index bsc1231204 - CVE-2024-46815: Fixed drm/amd/display: check numvalidsets...

7.8CVSS7AI score0.03301EPSS
Exploits1References17
osv
osv
added 2025/04/17 10:2 a.m.5 views

SUSE-SU-2025:20189-1 Security update for kernel-livepatch-MICRO-6-0_Update_3

This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: - CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 - CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452 - CVE-2024-50302: Fixed HID: core: zero-initialize th...

7.8CVSS7.6AI score0.03301EPSS
Exploits1References13
redhat
redhat
added 2021/08/10 4:14 p.m.3 views

QEMU: net: Infinite loop in loopback mode may lead to stack overflow

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS...

6CVSS6.8AI score0.00455EPSS
Exploits0References5
cnvd
cnvd
added 2021/08/05 12:0 a.m.24 views

Cisco Packet Tracer for Windows DLL Injection Vulnerability

Cisco Packet Tracer is a cross-platform visual emulation tool that allows users to create network topologies and emulate computer networks. The vulnerability can be exploited to execute arbitrary code on the affected system with the privileges of another user account by inserting a configuration...

7.3CVSS5.9AI score0.00318EPSS
Exploits0References1
osv
osv
added 2021/03/18 8:15 p.m.0 views

DEBIAN-CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

6CVSS6.7AI score0.00455EPSS
Exploits0References1
redhat
redhat
added 2019/08/09 12:49 a.m.5 views

QEMU: slirp: information leakage in tcp_emu() due to uninitialized stack variables

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

5.5CVSS6.8AI score0.00515EPSS
Exploits0References4
cnvd
cnvd
added 2019/01/30 12:0 a.m.1 views

QEMU Buffer Overflow Vulnerability (CNVD-2019-03583)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A buffer overflow vulnerability exists in the 'tcpemu' routine of slirp in QEMU. An attacker can exploit this vulnerability to cause the QEMU...

7.8CVSS8AI score0.00615EPSS
Exploits0References1
fireeye
fireeye
added 2016/08/03 4:30 a.m.54 views

FakeNet-NG: Next Generation Dynamic Network Analysis Tool

As a reverse engineer on the FLARE FireEye Labs Advanced Reverse Engineering team, I regularly perform basic dynamic analysis of malware samples. The goal is to quickly observe runtime characteristics by running binaries in a safe environment. One important task during dynamic analysis is to...

Exploits0
fireeye
fireeye
added 2016/08/03 4:30 a.m.233 views

FakeNet-NG: Next Generation Dynamic Network Analysis Tool

As a reverse engineer on the FLARE FireEye Labs Advanced Reverse Engineering team, I regularly perform basic dynamic analysis of malware samples. The goal is to quickly observe runtime characteristics by running binaries in a safe environment. One important task during dynamic analysis is to...

6.9AI score
Exploits0
nessus
nessus
added 2009/07/21 12:0 a.m.32 views

openSUSE Security Update : kvm (kvm-412)

Rogue VNC clients could make the built in VNC server of kvm run into an infinite loop CVE-2008-2382 An off-by-one bug limited the length of VNC passwords to seven instead of eight CVE-2008-5714 Virtualized guests could potentially execute code on the host by triggering a buffer overflow in the...

7.8CVSS8.7AI score0.06619EPSS
Exploits1References8
nessus
nessus
added 2009/07/21 12:0 a.m.36 views

openSUSE Security Update : kvm (kvm-412)

Rogue VNC clients could make the built in VNC server of kvm run into an infinite loop CVE-2008-2382 An off-by-one bug limited the length of VNC passwords to seven instead of eight CVE-2008-5714 Virtualized guests could potentially execute code on the host by triggering a buffer overflow in the...

7.8CVSS8.7AI score0.06619EPSS
Exploits1References8
Rows per page
Query Builder