Kr00k vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips

During the RSA conference of February 26th 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Broadcom Wi-Fi chipsets. This vulnerability is referenced as CVE-2019-15126 and could allow an...

Cisco IOS XR Software for ASR 9000 Series Slow Path Forwarding DoS (cisco-sa-xr-cp-dos-ej8VB9QY)

According to its self-reported version, IOS-XR is affected by a denial of service DoS vulnerability in the ingress packet processing function due to improper resource allocation when processing network traffic in software switching mode punted. An unauthenticated, remote attacker can exploit this...

Race condition

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate...

CVE-2020-5942

In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when processing Capabilities-Exchange-Answer CEA packets with certain attributes from the Policy and Charging Rules Function PCRF server, the Traffic Management...

The vulnerability in the kernel of Cisco IOS XE access points and Catalyst devices allows a attacker to cause a malfunction in the device’s operation.

The vulnerability of the Polaris kernel in Cisco IOS XE access points and Cisco Catalyst devices is related to packet processing errors. Exploiting this vulnerability can allow an attacker to cause malfunctions in the device...

CVE-2020-3654

u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti,...

Buffer overflow

u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

CVE-2020-3554 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to a memory...

CVE-2020-3563 Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could...

Cisco Firepower Threat Defense Software TCP Flood Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could...

PT-2020-4461 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions prior to the fixed release Cisco Firepower Threat Defense versions prior to the fixed release Description: The issue is related to a memory exhaustion condition in the TCP packet processing of the...

kernel: net: bluetooth: information leak when processing certain AMP packets

An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...

kernel: net: bluetooth: information leak when processing certain AMP packets

An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...

kernel: net: bluetooth: type confusion while processing AMP packets

A flaw was found in the way the Linux kernel’s Bluetooth implementation handled L2CAP Logical Link Control and Adaptation Protocol packets with A2MP Alternate MAC-PHY Manager Protocol CID Channel Identifier. This flaw allows a remote attacker in an adjacent range to crash the system, causing a...

The vulnerability of the TCP/IP protocol stack implementation in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol stack implementation in the Windows operating system is related to errors in ICMPv6 packet processing. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

SUSE-SU-2020:2877-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2020-14364: Fixed an OOB access while processing USB packets bsc1175441,bsc1176494. - CVE-2020-16092: Fixed a denial of service in packet processing of various emulated NICs bsc1174641. - CVE-2020-15863: Fixed a buffer overflow in the XGMAC...

QEMU: usb: out-of-bounds r/w access issue while processing usb packets

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-2054)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2020-2054)

According to the version of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e a...

[SECURITY] Fedora 33 Update: dpdk-19.11.3-1.fc33

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space...