CVE-2020-16843

CVE-2020-16843 affects Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2. The issue is in the network stack, which can freeze under heavy ingress traffic, leading to a denial of service on a microVM configured with a single network interface and an availability problem for that interface....

Treck/Kasago Network Stack Detection

Binary data treckdetect2.nbin...

Treck/Kasago Network Stack Detection With IP Option.

Binary data treckipopt7.nbin...

CVE-2020-11911

The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control...

CVE-2020-11897

The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets...

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response...

Treck TCP/IP Stack Access Control Error Vulnerability

Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. An access control error vulnerability exists in the Treck TCP/IP stack. The vulnerability arises from a network system or product that does not properl...

New Ripple20 Flaws Put Billions of Internet-Connected Devices at Risk of Hacking

The Department of Homeland Security and CISA ICS-CERT today issued a critical security advisory warning about over a dozen newly discovered vulnerabilities affecting billions of Internet-connected devices manufactured by many vendors across the globe. Dubbed "Ripple20 ," the set of 19...

Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability (cisco-sa-nxos-ipip-dos-kCT9X4)

According to its self-reported version, the Cisco NX-OS Software is affected by a denial of service vulnerability in the network stack due to the affected device unexpectedly decapsulating and processing IP in IP packets that are destined to a locally configured IP address. An unauthenticated,...

Severe Cisco DoS Flaw Can Cripple Nexus Switches

Cisco has patched a high-severity flaw in its NX-OS software, the network operating system used by Cisco’s Nexus-series Ethernet switches. If exploited, the vulnerability could allow an unauthenticated, remote attacker to bypass the input access control lists ACLs configured on affected Nexus...

Cisco NX-OS Software Unexpected IP in IP Packet Processing Vulnerability

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass certain security boundaries or cause a denial of service DoS condition on an affected device. The vulnerability is due to the affected device unexpectedly decapsulating and...

CVE-2017-18868

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built...

Input validation

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built...

CVE-2017-18868

CVE-2017-18868 relates to Digi XBee 2 devices, where the network stack underpinning ZigBee enables an attacker to issue remote AT commands due to an ineffective protection mechanism. The vulnerability can impact integrity and availability (I: Partial, A: Partial) with no confidentiality impact de...

Ubuntu 16.04 LTS / 18.04 LTS : EDK II vulnerabilities (USN-4349-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4349-1 advisory. A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of...

The vulnerability of the ip_reass function in the QEMU hardware infrastructure, which allows a perpetrator to trigger a service failure.

The vulnerability of the ipreass function in ipinput.c in the QEMU hardware infrastructure is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Denial Of Service (DoS)

The kernel is vulnerable to denial of service DoS. A flaw was found in each of the following Intel PRO/1000 Linux drivers in the Linux kernel: e1000 and e1000e. A remote attacker using packets larger than the MTU could bypass the existing fragment check, resulting in partial, invalid frames being...

Startup delay occurs after you disable IPv6 in Windows

Startup delay occurs after you disable IPv6 in Windows Symptoms You may experience an additional five seconds delay during the startup of Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 SP1 or Windows Server 2008 R2 SP1. Cause This issue occurs because the code to avoid waiting for...

Cisco NX-OS Software Netstack DoS (cisco-sa-20190306-nxos-netstack)

A denial of service DoS vulnerability exists in Cisco NX-OS Software due to allocating and freeing memory buffers in the network stack. An unauthenticated, remote attacker can exploit this issue by sending crafted TCP streams to an affected device in a sustained way. If the attacker is succesful...

A day^W^W Several months in the life of Project Zero - Part 2: The Chrome exploit of suffering

Posted by Sergei Glazunov and Mark Brand, Project Zero Introduction After we’d understood how the bug worked, and had passed on those details to Chrome to help them get started on a fix, we went back to our other projects. This bug remained a topic of discussion, and eventually we ran out of...