472 matches found
CVE-2023-48692
Azure RTOS NetX Duo contains a memory overflow vulnerability that can enable remote code execution. Affected: NetX Duo TCP/IP stack in RTOS v6.2.1 and earlier; vulnerable components include icmp, tcp, snmp, dhcp, nat, and ftp. Root cause: memory overflow leading to out-of-bounds/write conditions....
CVE-2023-48692 Azure RTOS NetX Duo Remote Code Execution Vulnerability
Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp,...
CVE-2023-48316 Azure RTOS NetX Duo Remote Code Execution Vulnerability
Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to snmp,...
CVE-2023-48315 Azure RTOS NetX Duo Remote Code Execution Vulnerability
Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to ftp and...
Rocky Linux 9 : dpdk (RLSA-2022:8263)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:8263 advisory. - A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing...
SUSE-RU-2023:4332-1 Recommended update for slurm
This update for slurm fixes the following issues: - Updated to version 23.02.5 with the following changes: Bug Fixes: + Revert a change in 23.02 where SLURMNTASKS was no longer set in the job's environment when --ntasks-per-node was requested. The method that is is being set, however, is differen...
USN-6441-3: Linux kernel vulnerabilities
Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...
Ubuntu: Security Advisory (USN-6439-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-37459
CVE-2023-37459 maps to Contiki-NG ≤ 4.9, where the network stack, on receiving a TCP packet with the SYN flag, may access the TCP header before ensuring it is complete. This can trigger an out-of-bounds read from the packet buffer due to reading the flags field in check_for_tcp_syn. The result is...
Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2021-9453)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-9453 advisory. - KVM: do not allow mapping valid but non-reference-counted pages Nicholas Piggin Orabug: 33054089 CVE-2021-22543 CVE-2021-22543 - Input: joydev -...
Cisco NX-OS Software Netstack Denial of Service (CVE-2019-1599)
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could...
CVE-2023-21635
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony...
CVE-2023-21635
CVE-2023-21635 shows a memory corruption issue in the Data Network Stack & Connectivity when a SIM is detected during telephony. Multiple sources describe this as a buffer copy without size checking in Qualcomm closed-source components, leading to potential impact on confidentiality, integrity, a...
PT-2023-18298 · Qualcomm · Snapdragon +50
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a memory corruption problem in the Data Network Stack & Connectivity component when a SIM card is detected on the telephony system...
Qualcomm Chipsets 缓冲区错误漏洞
Qualcomm Chipsets are a series of chipsets from Qualcomm, an American company. The Qualcomm Chipsets have a security vulnerability that stems from a memory corruption issue in Network Stack and Connectivity when a SIM card is detected in a phone call...
The vulnerability of the UDPv6 network protocol implementation in Linux operating systems allows attackers to cause service failures.
The vulnerability of the UDPv6 network protocol implementation in Linux operating systems is related to concurrent access to the dstentry structure during a race condition, due to the lack of synchronization in the sksetupcaps function within the net/core/sock.c module. Exploiting this...
Design/Logic Flaw
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. In version 2023.01 and prior, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used...
CVE-2023-33974
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send multiple crafted frames to the device to trigger a race condition. The race condition invalidates assumptions...
CVE-2023-33973
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send a crafted frame which is forwarded by the device. During encoding of the packet a NULL pointer dereference...
Design/Logic Flaw
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send crafted frames to the device to trigger the usage of an uninitialized object leading to denial of service. This issu...