Lucene search
K

57 matches found

UbuntuCve
UbuntuCve
added 2024/02/20 8:15 p.m.32 views

CVE-2023-52435

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...

5.5CVSS6.2AI score0.00231EPSS
Exploits0References16
Prion
Prion
added 2024/02/20 8:15 p.m.19 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...

7.2AI score0.00231EPSS
Exploits0References6
OSV
OSV
added 2024/02/20 6:27 p.m.4 views

CVE-2023-52435 net: prevent mss overflow in skb_segment()

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...

5.5CVSS6AI score0.00231EPSS
Exploits0References11
CVE
CVE
added 2024/02/20 6:27 p.m.601 views

CVE-2023-52435

CVE-2023-52435 affects the Linux kernel’s net/ skb_segment() and can overflow MSS when computing mss = mss * partial_segs, risking a crash (e.g., GSO_BY_FRAGS) and triggering NULL pointer dereferences in some traces. The fix adds a guard to ensure the new MSS is smaller than GSO_BY_FRAGS, prevent...

5.5CVSS6.6AI score0.00231EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/20 6:27 p.m.24 views

CVE-2023-52435 net: prevent mss overflow in skb_segment()

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...

6.8AI score0.00231EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/02/20 6:27 p.m.19 views

CVE-2023-52435 net: prevent mss overflow in skb_segment()

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...

6.5AI score0.00231EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2024/02/20 6:27 p.m.41 views

CVE-2023-52435

In the Linux kernel, the following vulnerability has been resolved: net: prevent mss overflow in skbsegment Once again syzbot is able to crash the kernel in skbsegment 1 GSOBYFRAGS is a forbidden value, but unfortunately the following computation in skbsegment can reach it quite easily : mss = ms...

5.5CVSS7.4AI score0.00231EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: net: gso: fix panic on frag_list with mixed head alloc types

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix panic on fraglist with mixed head alloc types Since commit 3dcbdb134f32 "net: gso: Fix skbsegment splat when splitting gsosize mangled skb having linear-headed fraglist", it is allowed to change gsosize of a GRO...

5.5CVSS6.3AI score0.00166EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2023/02/21 7:59 p.m.63 views

K15699: Linux kernel vulnerability CVE-2014-0131

Security Advisory Description Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. CVE-2014-0131 Impact...

2.9CVSS5.4AI score0.00675EPSS
Exploits2Affected Software17
seebug.org
seebug.org
added 2014/03/26 12:0 a.m.55 views

Linux kernel skb_segment函数释放后使用漏洞

CVE ID:CVE-2014-0131 Linux kernel是一款开源的操作系统。 Linux kernel skbsegment函数net/core/skbuff.c存在释放后使用漏洞,允许攻击者利用漏洞获取内核内存敏感信息。 0 Linux kernel 3.13.6 用户可参考厂商的GIT库以获得补丁修复此漏洞: https://github.com/torvalds/linux/commit/1fd819ecb90cc9b822cd84d3056ddba315d3340f...

2.9CVSS7.6AI score0.00675EPSS
Exploits2
NVD
NVD
added 2014/03/24 4:40 p.m.21 views

CVE-2014-0131

Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...

2.9CVSS7.1AI score0.00675EPSS
Exploits2References8
OSV
OSV
added 2014/03/24 4:40 p.m.0 views

DEBIAN-CVE-2014-0131

Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...

2.9CVSS5.2AI score0.00675EPSS
Exploits2References1
Prion
Prion
added 2014/03/24 4:40 p.m.24 views

Design/Logic Flaw

Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...

2.9CVSS6.2AI score0.00675EPSS
Exploits2References8Affected Software3
Cvelist
Cvelist
added 2014/03/24 10:0 a.m.31 views

CVE-2014-0131

Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...

5.9AI score0.00675EPSS
Exploits2References8
CVE
CVE
added 2014/03/24 10:0 a.m.139 views

CVE-2014-0131

CVE-2014-0131 affects the Linux kernel up to version 3.13.6. The vulnerability is a use-after-free in the skb_segment function within net/core/skbuff.c caused by the absence of a certain orphaning operation. Exploitation details are not provided in the supplied documents. The impact is that an at...

2.9CVSS5.8AI score0.00675EPSS
Exploits2References8Affected Software1
UbuntuCve
UbuntuCve
added 2014/03/24 12:0 a.m.49 views

CVE-2014-0131

Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...

2.9CVSS6.5AI score0.00675EPSS
Exploits2References13
OSV
OSV
added 2014/03/24 12:0 a.m.3 views

UBUNTU-CVE-2014-0131

Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation...

2.9CVSS6.4AI score0.00675EPSS
Exploits2References14
Rows per page
Query Builder