Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A vulnerability classified as critical was discovered in the Linux kernel. The vulnerability affects the function l2capreassemblesdu in the file net/bluetooth/l2capcore.c of the Bluetooth component. This vulnerability stems from improper memory management, leading to an attempt to reuse freed...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992272)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992272 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between...

DEBIAN-CVE-2022-49910

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...

UBUNTU-CVE-2022-49910

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu Fix the race condition between the following two flows that run in parallel: 1. l2capreassemblesdu - chan-ops-recv l2capsockrecvcb - sockqueuercvskb. 2...

CVE-2024-43914

In the Linux kernel, the following vulnerability has been resolved: md/raid5: avoid BUGON while continue reshape after reassembling Currently, mdadm support --revert-reshape to abort the reshape while reassembling, as the test 07revert-grow. However, following BUGON can be triggerred by the test:...

CVE-2024-43914

CVE-2024-43914 : In the Linux kernel md/raid5 code, the issue arises when --revert-reshape is used during a reshape; updating the raid from 5 to 4 disks while a reshape position is still set caused a mismatch where the old reshape position influenced writepos checks, triggering a panic. The fix c...

Exploit for Integer Underflow (Wrap or Wraparound) in Microsoft

This is a rather flaky poc for CVE-2024-38063https://msrc.m...

FreeBSD -- pf incorrectly handles multiple IPv6 fragment headers

Problem Description: With a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a pack...

SUSE CVE-2022-3564

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...

Important: kernel-livepatch-4.14.294-220.533

Issue Overview: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6renewoptions of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a...

CVE-2022-3564

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...

EulerOS 2.0 SP5 : kernel (EulerOS-SA-2021-2663)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that received...

GSD-2021-1000597 tipc: skb_linearize the head skb when reassembling msgs

tipc: skblinearize the head skb when reassembling msgs This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit...

Out-of-bounds

In reassembleanddispatch of packetfragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

DEBIAN-CVE-2019-16410

An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of headerlen checking...

UBUNTU-CVE-2019-16410

An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of headerlen checking...

CVE-2017-6150

Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled default, some specific large fragmented packets may restart the Traffic Management Microkernel TMM...

Design/Logic Flaw

Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled default, some specific large fragmented packets may restart the Traffic Management Microkernel TMM...

F5 Networks BIG-IP : BIG-IP FastL4 profile vulnerability (K36300805)

Under certain conditions for BIG-IP systems using FastL4 profiles, when the Reassemble IP Fragments option is disabled default, a specific sequence of fragmented packets may restart the Traffic Management Microkernel TMM. C Tenable Network Security, Inc. The descriptive text and package checks in...

SOL36300805 - BIG-IP FastL4 profile vulnerability

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...