14 matches found
kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...
CVE-2026-43233
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodechoice In decodechoice, the boundary check before getlen uses the variable len, which is still 0 from its initialization at the top of the function: unsigned int type, ext, len = ...
Linux Distros Unpatched Vulnerability : CVE-2026-23456
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len...
Linux Distros Unpatched Vulnerability : CVE-2026-23455
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconntrackh323: check for zero length in DecodeQ931 In DecodeQ931, the UserUserIE code path reads a 16-bit length from the packet, then decrements i...
CVE-2026-23456 netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...
SUSE CVE-2024-26851
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
CVE-2024-26851
A vulnerability was found in the netfilter subsystem of the Linux kernel, specifically in the nfconntrackh323 module. This issue involves inadequate protection for BMP length values, potentially leading to out-of-range conditions. Mitigation Mitigation for this issue is either not available or th...
CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
CVE-2024-26851
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
CVE-2024-26851
CVE-2024-26851 concerns the Linux kernel netfilter nf_conntrack_h323 path. The issue arises when decoding H.323 ras messages: an abnormal skb->data can cause the extension bitmap length to exceed 32, leading to a length-based shift that may become negative and trigger UBSAN reports. The workar...
openSUSE 10 Security Update : kernel (kernel-4487)
This kernel update fixes the following security problems : - CVE-2007-3105: Stack-based buffer overflow in the random number generator RNG implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wake-up...
Multiple Linux kernel vulnerabilities
nfconntrackh323 NULL pointer dereference, invalid suid applications parent process termination signal handling, privilege escalation on Intel 965 chipset...
DSA-1356-1 linux-2.6 - several vulnerabilities
Bulletin has no description...