51 matches found
DEBIAN-CVE-2024-26882
In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: make sure to pull inner header in iptunnelrcv Apply the same fix than ones found in : 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" 1ca1ba465e55 "geneve: make sure to pull inner header in...
DEBIAN-CVE-2024-26857
In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneverx syzbot triggered a bug in geneverx 1 Issue is similar to the one I fixed in commit 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" We have to save...
CVE-2024-26857 geneve: make sure to pull inner header in geneve_rx()
In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneverx syzbot triggered a bug in geneverx 1 Issue is similar to the one I fixed in commit 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" We have to save...
UBUNTU-CVE-2023-52574
In the Linux kernel, the following vulnerability has been resolved: team: fix null-ptr-deref when team device type is changed Get a null-ptr-deref bug as follows with reproducer 1. BUG: kernel NULL pointer dereference, address: 0000000000000228 ... RIP: 0010:vlandevhardheader+0x35/0x140 8021q...
golang: net/http, net/textproto: denial of service from excessive memory allocation
A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service...
PT-2023-3465 · Asus · Asus Rt-Ac86U
Name of the Vulnerable Software and Affected Versions: ASUS RT-AC86U affected versions not specified Description: The issue is related to a stack-based buffer overflow vulnerability in the cgi function of the ASUS RT-AC86U router's firmware, caused by insufficient validation of network packet...
SUSE CVE-2016-7039
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a relat...
PT-2023-34845 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.89 Description: The issue is related to incorrect arithmetics when fetching VLAN header bits in the nft payload component of netfilter. The actual impact and attack plausibility have not yet been proven...
The vulnerability of the Home Network Administration Protocol (HNAP) implementation in D-Link DIR-1935 router microsoftware allows a attacker to execute arbitrary code.
The vulnerability of the Home Network Administration Protocol HNAP implementation in D-Link DIR-1935 router microprogramming software lies in the copying of a buffer without checking the size of the input data during the processing of the HNAPAUTH header. Exploiting this vulnerability allows an...
PT-2025-25999
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference bug has been identified in the Linux kernel, specifically in the tap driver. The issue occurs when the skb-dev field is null, which is required by the dev pars...
The vulnerability of the iOS operating system, which allows a hacker to trigger a service failure
The vulnerability of the XNU kernel component of the iOS operating system exists due to insufficient checking of input data. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a TCP packet containing a specially crafted header...