[SECURITY] Fedora 40 Update: rust-prefixdevname-0.2.0-4.fc40

Udev helper utility that provides network interface naming using user defined prefix...

[SECURITY] Fedora 40 Update: rust-ifcfg-devname-1.1.0-8.fc40

Udev helper utility that provides network interface naming using ifcfg config uration...

Moderate: Red Hat Security Advisory: openstack-tripleo-heat-templates and tripleo-ansible update

An update for openstack-tripleo-heat-templates and tripleo-ansible is now available for Red Hat OpenStack Platform 17.1 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

kernel: igb: Fix igb_down hung on surprise removal

In the Linux kernel, the following vulnerability has been resolved: igb: Fix igbdown hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between the PC and the...

DEBIAN-CVE-2024-36002

In the Linux kernel, the following vulnerability has been resolved: dpll: fix dpllpinonpinregister for multiple parent pins In scenario where pin is registered with multiple parent pins via dpllpinonpinregister.., all belonging to the same dpll device. A second call to dpllpinonpinunregister...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which arises when the MTU of one of the connected interfaces becomes too small to transfer the local translation table...

CVE-2024-35907 mlxbf_gige: call request_irq() after NAPI initialized

In the Linux kernel, the following vulnerability has been resolved: mlxbfgige: call requestirq after NAPI initialized The mlxbfgige driver encounters a NULL pointer exception in mlxbfgigeopen when kdump is enabled. The sequence to reproduce the exception is as follows: a enable kdump b trigger...

CVE-2024-35901

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix Rx DMA datasize and skboverpanic managetrxbufcfg aligns the RX buffer's DMA datasize to be multiple of 64. So a packet slightly bigger than mtu+14, say 1536, can be received and cause skboverpanic. Sample dmesg:...

DEBIAN-CVE-2024-35858

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix memory leak when bringing down interface When bringing down the TX rings we flush the rings but forget to reclaimed the flushed packets. This leads to a memory leak since we do not free the dma mapped buffers. Th...

PingRAT - Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads. Features: Uses ICMP for Command and Control Undetectable by most AV/EDR solutions Written in Go Installation: Download the binaries or build the binaries and you are ready to go: $ git clone...

CVE-2022-48645

In the Linux kernel, the following vulnerability has been resolved: net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC taprio, cbs, gate, police are configured through a mix of command BD ring messages and port registers: enetcportrd, enetcportwr. Port...

PT-2024-18973 · Kiloview · Kiloview Ndi

Name of the Vulnerable Software and Affected Versions: Kiloview NDI versions prior to 2.02.0227 Description: An OS Command Injection issue allows a low-privileged user to execute arbitrary code remotely on the device with high privileges. This issue affects various Kiloview NDI models, including...

PT-2024-18972 · Kiloview · Kiloview Ndi

Name of the Vulnerable Software and Affected Versions: Kiloview NDI versions prior to 2.02.0227 Description: The issue is related to the use of hard-coded credentials in Kiloview NDI, allowing un-authenticated users to bypass authentication. This affects models N3, N3-s, N4, N20, N30, N40...

n0Mac - Yet Another Mac Changer!!!

This script changes the MAC address of the network interface to a randomly generated address on system startup using crontab. It then uses the macchanger command to generate a list of MAC address vendors and selects one at random and then combines that vendor prefix with a randomly generated suff...

DEBIAN-CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

Input validation

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

UBUNTU-CVE-2023-38317

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

openNDS Security Vulnerabilities

openNDS is openNDS open source a high-performance, small footprint portal system. A security vulnerability exists in openNDS prior to version 10.1.3 that stems from an inability to clean up a network interface name entry in a configuration file, allowing an attacker with direct or indirect access...