Lucene search
K

301 matches found

SUSE Linux
SUSE Linux
added 2024/12/06 7:3 p.m.1 views

Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059153 fixes several issues. The following security issues were fixed: CVE-2024-36904: tcp: Use refcountincnotzero in tcptwskunique bsc1225733. CVE-2024-43861: Fix memory leak for not ip packets bsc1229553. CVE-2021-47598: schcake: do not call...

7.8CVSS8.5AI score0.01166EPSS
Exploits2References100
CNNVD
CNNVD
added 2024/11/27 12:0 a.m.2 views

Contiki-NG 安全漏洞

Contiki-NG is a Contiki-NG open source operating system for resource-constrained devices in the Internet of Things. A security vulnerability exists in Contiki-NG 4.9 and earlier versions, which stems from a lack of valid validation of the next-hop address, which could result in uncontrolled...

8.7CVSS6.5AI score0.00538EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.3 views

PT-2024-37063

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, involving IPv6 and device removal. The issue occurred during device removal in the pmtu.sh self-test, causing an aperiodic hangup...

5.5CVSS5.3AI score0.00203EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/10/31 12:8 a.m.6 views

mod_http2: DoS by null pointer in websocket over HTTP/2

A flaw was found in the Apache HTTP Server. Serving WebSocket protocol upgrades over an HTTP/2 connection could result in a NULL pointer dereference, leading to a crash of the server process...

5.4CVSS5.7AI score0.01715EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.2 views

kernel: tunnels: fix out of bounds access when building IPv6 PMTU error

A flaw was found in the Linux kernel. This issue occurs due to the improper handling of non-linear skbs socket buffers when calculating checksums for ICMPv6 PMTU error messages. This vulnerability can lead to out-of-bounds access, potentially causing memory corruption or crashes...

7.1CVSS7.2AI score0.00237EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 1:17 a.m.2 views

kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr

This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...

5.5CVSS7.3AI score0.00257EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.240 views

TeamTalk Gather Credentials

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TeamTalk Gather Credentials', 'Description' = %q This module retrieves user credentials from BearWare TeamTalk. Valid administrator credentials a...

7.4AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2024/08/10 7:0 a.m.1 views

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily e.g. leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket.

...

7.5CVSS6.5AI score0.0094EPSS
Exploits0
CNNVD
CNNVD
added 2024/07/12 12:0 a.m.1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential race condition issue in the ipv6 component in the fib6droppcpufrom function that could lead to...

4.7CVSS7.6AI score0.00272EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/07/10 12:18 a.m.2 views

kernel: ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr

This CVE addresses a race condition in the Linux kernel's IPv6 subsystem, specifically between the ipv6getifaddr and ipv6deladdr functions. This race condition can lead to use-after-free scenarios, potentially causing system instability or crashes...

5.5CVSS7.3AI score0.00257EPSS
Exploits0References5
Kitploit
Kitploit
added 2024/06/24 12:30 p.m.96 views

Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :- Its main objective is to provide unique representations fingerprints of malware requests, which help in their identification. Unique means here that each fingerprint should be seen...

7AI score
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/06/14 12:0 a.m.4 views

The vulnerability of the __fib6_rule_action() function in the Linux operating system’s IPv6 kernel implementation allows a hacker to induce a service failure.

The vulnerability of the fib6ruleaction function in the net/ipv6/fib6rules.c module of the Linux operating system’s IPv6 kernel implementation is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure remotely...

5.5CVSS6.6AI score0.00289EPSS
Exploits0References50Affected Software5
Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.19 views

OpenSSL 0.9.7 < 0.9.7h Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.7h. It is, therefore, affected by a vulnerability as referenced in the 0.9.7h advisory. - The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSLOPMSIESSLV2RSAPADDING option,...

5CVSS6.5AI score0.04866EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/05/28 3:32 a.m.2 views

SUSE CVE-2021-47572

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled !CONFIGIPV6 we'll hit a NULL pointer dereference1 in the error path of nhcreateipv6 due to calling...

4.4CVSS6AI score0.00207EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2024/05/23 3:5 a.m.1 views

SUSE CVE-2021-47291

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6nhflushexceptions While running the self-tests on a KASAN enabled kernel, I observed a slab-out-of-bounds splat very similar to the one reported in commit 821bbf79fe46 "ipv6: Fix KASAN:...

7.8CVSS6.2AI score0.00247EPSS
Exploits0References48
RedHat Linux
RedHat Linux
added 2024/05/22 10:16 a.m.1 views

kernel: ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU

A flaw in the routing table size was found in the ICMPv6 handling of "Packet Too Big". The size of the routing table is regulated by periodic garbage collection. However, with "Packet Too Big Messages" it is possible to exceed the routing table size and garbage collector threshold. A user located...

7.5CVSS6.6AI score0.0094EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/04/18 9:10 a.m.2 views

Mozilla: Denial of Service using HTTP/2 CONTINUATION frames

The Mozilla Foundation Security Advisory describes this flaw as: There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser...

3.7CVSS7.3AI score0.00759EPSS
Exploits0References6
OSV
OSV
added 2024/03/15 9:15 p.m.2 views

DEBIAN-CVE-2021-47109

In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUDNOARP entries to be forced GCed IFFPOINTOPOINT interfaces use NUDNOARP entries for IPv6. It's possible to fill up the neighbour table with enough entries that it will overflow for valid connections after that...

5.5CVSS5.7AI score0.00235EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/03/13 7:42 a.m.1 views

edk2: Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise message

A security weakness was identified in EDK2, the open-source reference implementation of the UEFI specification, revealing a buffer overflow vulnerability. This vulnerability enables an unauthorized attacker within proximity on the network to transmit a specifically crafted DHCPv6 Advertise messag...

8.8CVSS6.4AI score0.01186EPSS
Exploits1References6
Amazon
Amazon
added 2024/03/04 12:0 a.m.3 views

Important: edk2

Issue Overview: EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IANA or IATA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

8.8CVSS7.5AI score0.03174EPSS
Exploits1
Rows per page
Query Builder