159 matches found
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that originates from an out-of-bounds read when segmenting IPv4 packets...
USN-6494-1 linux, linux-aws, linux-aws-hwe, linux-hwe, linux-kvm, linux-oracle vulnerabilities
Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Lucas Leong discovered that the netfilter subsystem in the...
USN-6461-1 linux-oem-6.1 vulnerabilities
Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...
The vulnerability of the ipv4_send_dest_unreach() function in the net/ipv4/route.c module of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the ipv4senddestunreach function in the net/ipv4/route.c module of the Linux kernel is related to the assignment of a null pointer. Exploitation of this vulnerability could allow an attacker to cause a service failure...
PT-2023-25535 · I2P · I2P
Name of the Vulnerable Software and Affected Versions: i2p versions prior to 2.3.0 Description: The issue allows de-anonymizing the public IPv4 and IPv6 addresses of i2p hidden services aka eepsites via a correlation attack across the IPv4 and IPv6 addresses that occurs when a tunneled, replayed...
SUSE CVE-2011-3326
The ospfflood function in ospfflood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service daemon crash via an invalid Link State Advertisement LSA type in an IPv4 Link State Update message...
SUSE CVE-2014-8680
The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service assertion failure and named exit via vectors related to 1 the lack of GeoIP databases for both IPv4 and IPv6, or 2 IPv6 support with certain options...
SUSE CVE-2020-11900
The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free...
kernel: buffer overflow in IPsec ESP transformation code
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...
grub2: Integer underflow in grub_net_recv_ip4_packets
A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands wri...
grub2: Integer underflow in grub_net_recv_ip4_packets
A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands wri...
The vulnerability of the Lightspeed-Plus operating system for Cisco IOS XR routers of the Cisco ASR 9000 family allows a attacker to trigger a service failure.
The vulnerability of the Lightspeed-Plus operating system for Cisco IOS XR routers of the Cisco ASR 9000 family relates to the reading of data beyond the specified buffer. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending specially crafted IPv4 or...
CLSA-2022-1649348075 Fix CVE(s): CVE-2021-4189
SECURITY UPDATE: Expose sensitive information - debian/patches/CVE-2021-4189.patch: alters ftplib.FTP class behavior to not trust the IPv4 address sent from the remote server when setting up a passive data channel in resposne in Lib/ftplib.py, Lib/test/testftplib.py. - CVE-2021-4189...
Arista Strata 安全漏洞
Arista Networks Arista Strata is a network switch from Arista Networks. A security vulnerability exists in the Arista Strata that stems from a mismatch in the IP protocol field between a rule in a port's IPv4 access list and a rule on a "vxlan" as a protocol...
CVE-2021-45487
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic measures...
The vulnerability of the IPv4/ICMPv4 protocol stack in the Trace TCP/IP implementation allows a attacker to gain unauthorized access to protected information.
The vulnerability of the IPv4/ICMPv4 protocol stack in the TCP/IP stack is related to the disclosure of information. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
CVE-2021-1446
A vulnerability in the DNS application layer gateway ALG functionality used by Network Address Translation NAT in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a logic error that occurs when an affected...
The vulnerability of the IPv4 traffic processing service of the StarOS operating system, which allows a hacker to cause a service failure.
The vulnerability of the IPv4 traffic processing service of the StarOS operating system is related to a memory release error. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
CVE-2021-0222
A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent...
CVE-2019-8580
Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted...