Double free

An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAPNETADMIN capability in an...

CVE-2020-36694

An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAPNETADMIN capability in an...

CVE-2020-36694

The CVE-2020-36694 issue affects the Linux kernel netfilter path prior to 5.10, enabling a use-after-free in the packet processing context due to mishandling of the per-CPU sequence counter during concurrent iptables rule replacements. Exploitation requires CAP_NET_ADMIN in an unprivileged namesp...

The vulnerability of the rxrpc_unbundle_conn() function in Linux operating systems allows a hacker to enhance their privileges.

The vulnerability of the rxrpcunbundleconn function in Linux operating systems is related to synchronization errors when using shared resources during packet processing. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVE-2023-28970

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash,...

CVE-2023-28959

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to...

Design/Logic Flaw

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to...

CVE-2023-28970 Junos OS: JRR200: Kernel crash upon receipt of a specific packet

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing on the network interfaces of Juniper Networks Junos OS on JRR200 route reflector appliances allows an adjacent, network-based attacker sending a specific packet to the device to cause a kernel crash,...

CVE-2023-28959 Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to...

CVE-2023-28970

Technical details about CVE-2023-28970 are not publicly available in the provided connected documents. Monitor for updates; no new information on affected versions, root cause specifics, exploitation status, or remediation is present here.

CVE-2023-28959 Junos OS: QFX10002: PFE wedges and restarts upon receipt of specific malformed packets

An Improper Check or Handling of Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS on QFX10002 allows an unauthenticated, adjacent attacker on the local broadcast domain sending a malformed packet to the device, causing all PFEs other than the inbound PFE to...

CVE-2023-28959

The CVE-2023-28959 entry affects Juniper Networks Junos OS on QFX10002. The issue is an improper check/handling of exceptional conditions in packet processing, triggered by a specially malformed packet sent by an unauthenticated, adjacent attacker on the local broadcast domain. Exploitation wedge...

openvswitch: ip proto 0 triggers incorrect handling

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

CVE-2022-33223

Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding...

CVE-2022-25739 Null Point Dereference in MODEM

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call...

PT-2023-12808 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure in the modem due to a buffer over-read. This occurs while the modem is processing packets from a DNS server. Recommendations: At the moment, the...

The vulnerability of the packet processing and fragmentation mechanism in Cisco IOS XE tunnel protocol allows a attacker to trigger a service failure.

The vulnerability of the packet processing and fragmentation mechanism in Cisco IOS XE operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

PT-2023-13239 · Qualcomm · Snapdragon +187

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to memory corruption in a modem caused by a buffer overflow when processing a PPP packet. No information is provided about the...

The vulnerability in the implementation of the Common Industrial Protocol (CIP) for Cisco IOS and Cisco IOS XE operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the implementation of the Common Industrial Protocol CIP in Cisco IOS and Cisco IOS XE operating systems is related to insufficient validation of input data during the processing of CIP packets. Exploiting this vulnerability can allow a malicious actor to cause service...

SUSE CVE-2008-3146

Multiple buffer overflows in packetncp2222.inc in Wireshark formerly Ethereal 0.9.7 through 1.0.2 allow attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used...