kernel: buffer overflow in IPsec ESP transformation code
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...
Arista Networks Arista EOS security vulnerability
Arista Networks Arista EOS is a scalable operating system for data centers and cloud network centers from Arista Networks, Inc. Arista EOS builds cloud architectures that scale to hundreds of thousands of compute and storage nodes with management and provisioning capabilities for large-scale jobs...
Zyxel USG/ZyWALL authorization issue vulnerability
Zyxel USG/ZyWALL is a firewall from China's Heqin Technology Zyxel. An authorization issue vulnerability exists in Zyxel USG/ZyWALL versions 4.32-4.71, USG FLEX 4.50-5.21, ATP 4.32-5.21, and VPN 4.32-5.21, which stems from the lack of proper access control mechanisms and can be exploited to allow...
The vulnerability of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD), a micro-programming network interface device, allows attackers to gain unauthorized access to protected information.
The vulnerability of Cisco Adaptive Security Appliances (ASA) and Cisco Firepower Threat Defense (FTD), which are microprogramming network devices, is related to encryption deficiencies using the Galois/Counter Mode (GCM) authentication method. Exploiting this vulnerability can allow an attacker to gai...
CVE-2022-29473
On F5 BIG-IP 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, and 13.1.x versions prior to 13.1.5, when an IPSec ALG profile is configured on a virtual server, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have...
The vulnerability of the Cisco IOS XE operating system’s IPSec decryption process allows an attacker to trigger a device reboot or cause a service failure.
The vulnerability of the Cisco IOS XE operating system’s IPSec decryption process exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure using a specially crafted IPSec packet...
USN-5357-1 linux, linux-aws, linux-azure-4.15, linux-dell300x, linux-hwe, linux-kvm, linux-snapdragon vulnerability
It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.
...
AZL-9190 CVE-2021-3618 affecting package vsftpd for versions less than 3.0.5-1
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...
AZL-9120 CVE-2022-27666 affecting package kernel for versions less than 5.15.32.1-3
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...
UBUNTU-CVE-2022-27666
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...
The vulnerability of the skb_page_frag_refill parameter in the implementation of the Linux-based operating system kernel for IPSec protocols allows an attacker to cause a service failure.
The vulnerability of the “skb_page_frag_refill” parameter in the implementation of the Linux-based operating system’s IPSec kernel protocol is related to buffer overflow in the stack. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
Design/Logic Flaw
On BIG-IP AFM version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and 13.1.x beginning in 13.1.3.4, when a virtual server is configured with both HTTP protocol security and HTTP Proxy Connect profiles, undisclosed requests can cause the Traffic Management Microkernel (TMM)...
January 18, 2022—KB5010791 (OS Build 17763.2458) Out-of-band
January 18, 2022—KB5010791 (OS Build 17763.2458) Out-of-band. 11/17/20: For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights: Updat...
Timelock can be bypassed
Handle: WatchPug. Vulnerability details: The purpose of a Timelock contract is to put a limit on the privileges of the governor, by forcing a two-step process with a preset delay time. However, we found that the current implementation actually won't serve that purpose as it allows the governor to...
Get virtual price is not monotonically increasing
Handle: jonah1005. Vulnerability details. Impact: There's a feature of virtualPrice that is monotonically increasing regardless of the market. This function is heavily used in multiple protocols, e.g. curve metapool, mim, ... This is not held in the current implementation of customSwap since...
Moderate: Red Hat Security Advisory: samba security update
An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
CLSA-2021-1632261664 Fix of CVE: CVE-2021-27364, CVE-2021-27363, CVE-2021-27365
CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE - CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs - CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs...