Design/Logic Flaw

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

UBUNTU-CVE-2022-28199

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

CVE-2022-28199

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

CVE-2022-36053 Out-of-bounds read in the uIP buffer module

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module os/net/ipv6/uipbuf.c that processes IPv6 extension headers in incoming data packets. As part of this processing, the function...

Security Bulletin: NVIDIA Data Plane Development Kit (MLNX_DPDK) - August 2022

NVIDIA has released a software update for MLNXDPDK to address a security issue that may lead to denial of service, and some impact to data integrity and confidentiality. To protect your system, contact your NVIDIA representative to obtain the MLNXDPDK version that contains the update and install...

kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak

The Linux kernel's TCP source port generation algorithm in the TCP stack contains a flaw due to the small table perturb size. This flaw allows an attacker to positively distinguish a system among devices with identical hardware and software, which lasts until the device restarts. An attacker can...

The vulnerability of the implementation of the IPv6 protocol in the Trace TCP/IP stack allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the IPv6 implementation in the Trace TCP/IP stack is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

PVS image process gets BSOD on boot up

Using the PVS Upgrade wizard to upgrade the PVS drivers failed. Because of this, we used reverse imaging to remove the PVS drivers and install the 1912 CU4 drivers. On the reboot, during creation of a new vdisk, BSOD encountered. ERROR: BNIStack faile. netork stack col not e initialie -This error...

CVE-2021-33704

The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited via Network stack...

Authorization

The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that would otherwise be restricted to specific users. For an attacker to discover the vulnerable function, no in-depth system knowledge is required. Once exploited via Network stack...

Ligolo-Ng - An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface

An advanced, yet simple, tunneling tool that uses a TUN interface. by TNP IT Security Introduction Ligolo-ng is a simple , lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection without the need of SOCKS. Features Tun interface No more SOCKS! Simpl...

CVE-2021-21005

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...

CVE-2021-21005

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...

Design/Logic Flaw

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...

CVE-2021-21005 Race Condition Vulnerability in Phoenix Contact FL SWITCH SMCS series products

In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...

CVE-2020-7469

In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet...

CVE-2020-7469

In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into the packet buffer holding the ICMPv6 message. However, when processing subsequent options the packet...

CVE-2020-7469

The CVE-2020-7469 issue affects FreeBSD’s ICMPv6 handling: the routing option handler caches a pointer to a packet buffer containing an ICMPv6 message, which can be freed later, risking a use-after-free when the pointer is dereferenced. A remote attacker could trigger a read of freed kernel memor...

CVE-2020-7469

Removed by vendor...

Cisco NX-OS Software IPv6 Netstack DoS (cisco-sa-nxos-ipv6-netstack-edXPGV7K)

According to its self-reported version, the network stack of Cisco NX-OS Software is affected by denial of service vulnerability due to buffers not freeing properly in the Cisco NX-OS Software network stack known as netstack. An unauthenticated, remote attacker can exploit this by sending multipl...