Lucene search
K

210 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 9:47 p.m.61 views

Security Bulletin: IBM DataPower Gateway is affected by Denial of Service vulnerabilities

Summary IBM DataPower Gateway has addressed the following vulnerabilities: CVE-2019-11479 CVE-2019-11478 CVE-2019-11477 Vulnerability Details CVEID: CVE-2019-11479 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a flaw when processing minimum segment size MSS. By sending...

7.8CVSS1.1AI score0.98745EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/05/31 12:0 a.m.128 views

ArubaOS-CX < 10.3.0001 (ARUBA-PSA-2020-010)

The version of ArubaOS-CX installed on the remote host is prior to version 10.3.0001. It is, therefore, affected by multiple vulnerabilities, as follows: - Jonathan Looney discovered that the TCPSKBCBskb-tcpgsosegs value was subject to an integer overflow in the Linux kernel when handling TCP...

7.8CVSS6.8AI score0.98745EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2019:1530-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.98745EPSS
Exploits9References149
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2019:1924-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.98745EPSS
Exploits4References5
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/31 3:53 p.m.41 views

Security Bulletin: IBM Cloud Pak System addressed vulnerabilities (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477)

Summary IBM Cloud Pak System identified vulnerabilities in SAN VC supporting products. IBM announced a new release for IBM Cloud Pak System in response to vulnerabilities. Vulnerability Details CVEID: CVE-2019-11477 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an...

7.8CVSS0.5AI score0.98745EPSS
Exploits4Affected Software1
RedhatCVE
RedhatCVE
added 2020/11/01 9:54 p.m.72 views

CVE-2019-11477

An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented. Each fragment is about TCP maximum segment size MSS...

7.8CVSS1.1AI score0.98745EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2020/10/20 12:0 a.m.40 views

AVM FRITZ!Box TCP SACK PANIC - Kernel Vulnerabilities

Multiple AVM FRITZ!Box devices are prone to multiple Denial of Service vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.8AI score0.98745EPSS
Exploits4References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/06 8:36 p.m.63 views

Security Bulletin: IBM Security Guardium is affected by a TCP SACK PANIC -Kernel vulnerability

Summary IBM Security Guardium has addressed the following vulnerability Vulnerability Details CVEID: CVE-2019-11478 DESCRIPTION: Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel could be fragmented when handling certain TCP Selective...

7.8CVSS1AI score0.98745EPSS
Exploits4Affected Software1
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.40 views

Western Digital My Cloud Multiple Products < 2.31.193 Multiple Vulnerabilities

Multiple Western Digital My Cloud products are prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progr...

7.8CVSS8.6AI score0.98745EPSS
Exploits12References1
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.281 views

Arista Networks CloudVision Portal Linux Kernel TCP Multiple DoS (SA0041)

The version of Arista Networks CloudVision Portal running on the remote device is affected by the following denial of service DoS vulnerabilities related to TCP networking in the Linux kernel, which can be exploited by a remote, unauthenticated attacker: - SACK Panic. The TCPSKBCBskb-tcpgsosegs...

7.8CVSS6.8AI score0.98745EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2020/06/05 12:0 a.m.90 views

Huawei Data Communication: Integer Overflow Vulnerability in the Linux Kernel (SACK Panic) (huawei-sa-20191204-01-kernel)

Jonathan Looney discovered that the TCPSKBCBskb-tcpgsosegs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments SACKs. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...

7.8CVSS0.5AI score0.98745EPSS
Exploits4References1
Tenable Nessus
Tenable Nessus
added 2020/03/06 12:0 a.m.108 views

Arista Networks EOS Linux Kernel TCP Multiple DoS (SA0041)

The version of Arista Networks EOS running on the remote device is affected by the following denial of service DoS vulnerabilities related to TCP networking in the Linux kernel, which can be exploited by a remote, unauthenticated attacker: - SACK Panic. The TCPSKBCBskb-tcpgsosegs value is subject...

7.8CVSS6.7AI score0.98745EPSS
Exploits4References4
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/20 7:54 p.m.30 views

Security Bulletin: IBM API Connect V5 is impacted by a denial of service vulnerability in Linux kernel (CVE-2019-11477)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11477 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an integer overflow when processing TCP Selective Acknowledgement SACK capabilities. By sending specially-crafte...

7.8CVSS1.4AI score0.98745EPSS
Exploits4Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.52 views

TCP SACK PANIC

A Linux kernel vulnerability in TCP networking could allow DoS CVE-2019-11477 is considered an Important severity, whereas CVE-2019-11478 and CVE-2019-11479 are considered a Moderate severity. The first two are related to the Selective Acknowledgement SACK packets combined with Maximum Segment Si...

7.8CVSS7AI score0.98745EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2020/02/04 12:0 a.m.44 views

Virtuozzo 7 : readykernel-patch (VZA-2019-050)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - An integer overflow was found in the way the Linux kernel's networking subsystem processed TCP Selective...

7.8CVSS6.9AI score0.98745EPSS
Exploits4References13
Tenable Nessus
Tenable Nessus
added 2020/02/04 12:0 a.m.58 views

Virtuozzo 7 : readykernel-patch (VZA-2019-068)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - tcp: integer overflow while processing SACK blocks allows remote denial of service. An integer overflow was found in...

7.8CVSS7.5AI score0.98745EPSS
Exploits4References12
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.62 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1639)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.2AI score0.98745EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.55 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1692)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.98745EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1792)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.98745EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2019/12/28 3:45 a.m.35 views

CVE-2019-11478

An excessive resource consumption flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment SACK segments. While processing SACK segments, the Linux kernel's socket buffer SKB data structure becomes fragmented, which leads to increased resource...

7.5CVSS0.7AI score0.94686EPSS
Exploits1References5
Rows per page
Query Builder