kernel: net: sched: act_csum: validate nested VLAN headers

A flaw was found in the Linux kernel's network scheduler component. A remote attacker could send specially crafted network packets containing nested Virtual Local Area Network VLAN headers. This could cause the kernel to read beyond allocated memory, leading to a system crash and a denial of...

The vulnerability of demons that implement routing protocols (rpd) in Junos OS and Junos OS Evolved allows a attacker to cause a service failure.

The vulnerability of demons that implement routing protocols for Junos OS and Junos OS Evolved is related to reading memory outside of the allowed range. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending specially crafted BGP packets remotely...

kernel: NULL pointer dereference in __nvmet_req_complete

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...

PT-2023-8257 · Nvidia · Nvidia Dgx H100 Bmc

Name of the Vulnerable Software and Affected Versions: NVIDIA DGX A100 BMC affected versions not specified Description: The issue is related to a vulnerability in the host KVM daemon of the NVIDIA DGX A100 BMC, where an unauthenticated attacker can cause stack memory corruption by sending a...

SUSE CVE-2018-10938

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c leading to a denial-of-service. A certain non-default...

Designing sockfuzzer, a network syscall fuzzer for XNU

Posted by Ned Williamson, Project Zero Introduction When I started my 20% project – an initiative where employees are allocated twenty-percent of their paid work time to pursue personal projects – with Project Zero, I wanted to see if I could apply the techniques I had learned fuzzing Chrome to...

DEBIAN-CVE-2018-10938

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c leading to a denial-of-service. A certain non-default...

CVE-2017-14465

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

PT-2016-5801 · Qemu +3 · Qemu +3

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: The issue is related to a buffer overflow in the stellaris enet receive function, which can cause a denial of service QEMU crash when the Stellaris ethernet controller is configured to accept...