12 matches found
EUVD-2019-17749
Malware in sbrugna...
CVE-2021-47014
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
CVE-2021-47014 net/sched: act_ct: fix wild memory access when clearing fragments
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
CVE-2021-47014 net/sched: act_ct: fix wild memory access when clearing fragments
In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix wild memory access when clearing fragments while testing re-assembly/re-fragmentation using actct, it's possible to observe a crash like the following one: KASAN: maybe wild-memory-access in range...
CVE-2021-47014
CVE-2021-47014 affects the Linux kernel’s net/sched code, specifically the act_ct action used during IP fragment handling. The root cause was a wild memory access that occurred when a temporarily stored IP fragment was reassembled: restoring skb->cb could overwrite FRAG_CB(), causing invalid m...
Out-of-bounds
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c...
CVE-2019-8359
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c...
F5 Networks BIG-IP : Linux kernel vulnerability (K74374841)
The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.1 / 12.1.5 / 13.1.3 / 14.0.1.1 / 14.1.2.4 / 15.0.0. It is, therefore, affected by a vulnerability as referenced in the K74374841 advisory. - The Linux kernel, versions 3.9+, is vulnerable to a denial of service atta...
Samba < 2.2.8a Remote Code Execution Vulnerability
The version of Samba running on the remote host is prior to 2.2.8a. It is, therefore, affected by a remote code execution vulnerability in the SMB/CIFS packet fragment re-assembly code in smbd. An unauthenticated, remote attacker can exploit this to inject binary specific exploit code into smbd a...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2018-4195)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4195 advisory. - ipv4: frags: handle possible skb truesize change Eric Dumazet Orabug: 28481663 CVE-2018-5391 - inet: frag: enforce memory limits earlier Eric Dumazet...
CVE-2003-0085
Samba vulnerability CVE-2003-0085 is a remote, unauthenticated buffer overflow in the SMB/CIFS packet fragment re-assembly code used by smbd, affecting Samba prior to 2.2.8 and Samba-TNG prior to 0.3.1. An attacker could remotely execute arbitrary code (often with root privileges) by sending craf...
Multiple bugs in Samba
Buffer overflow on SMB/CIFS packet re-assembly, chown race conditions...