61 matches found
udp: Deal with race between UDP socket address change and rehash
...
Linux Distros Unpatched Vulnerability : CVE-2025-38618
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock: Do not allow binding to VMADDRPORTANY It is possible for a vsock to autobind to VMADDRPORTANY. This can cause a use-after-free when a connection is made ...
CVE-2025-38147
Technical details about CVE-2025-38147 (affected software, impact, exploitability, and fix specifics) are not publicly provided in the supplied documents. Please monitor for updates from vendors and security bulletins.
Linux Distros Unpatched Vulnerability : CVE-2024-57974
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connec...
AZL-68748 CVE-2024-57974 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...
PT-2025-3998 · Freebsd · Freebsd
Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The ktrace facility logs the contents of kernel structures to userspace. In one case, ktrace dumps a variable-sized sockaddr to userspace, copying the full sockaddr even when it is shorter...
Denial Of Service (DoS)
proxy is vulnerable to Denial of Service DoS attacks. A malicious user is able to cause a TypeError exception via sending a crafted HTTP request through the socket.remoteAddress variable, resulting in denial of service conditions...
SUSE CVE-2005-0201
D-BUS dbus before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket...
SUSE CVE-2010-3850
The ecdevioctl function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2 does not require the CAPNETADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call...
SUSE CVE-2020-35920
An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
SUSE CVE-2020-35921
An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
SUSE CVE-2020-35922
An issue was discovered in the mio crate before 0.7.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
[SECURITY] Fedora 35 Update: golang-github-hashicorp-sockaddr-1.0.2-11.fc35
Socket address convenience functions for Go. go-sockaddr is a convenience library that makes doing the right thing with IP addresses easy. go-sockaddr is loosely modeled after the UNIX sockaddrt and creates a union of the family of sockaddrt types see below for an ascii diagram. Library...
[SECURITY] Fedora 36 Update: golang-github-hashicorp-sockaddr-1.0.2-11.fc36
Socket address convenience functions for Go. go-sockaddr is a convenience library that makes doing the right thing with IP addresses easy. go-sockaddr is loosely modeled after the UNIX sockaddrt and creates a union of the family of sockaddrt types see below for an ascii diagram. Library...
GHSA-P5W9-856P-8Q4G Assumed memory layout of std::net::SocketAddr
The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
Design/Logic Flaw
An issue was discovered in the quinn crate before 0.7.0 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
CVE-2021-27376
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
Rust nb-connect buffer error vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust nb-connect. The vulnerability stems from a forced data type conversion using std::net::SocketAddrV4 and std::net::SocketAddrV6 in some versions of the standard library,...
DEBIAN-CVE-2020-35921
An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
DEBIAN-CVE-2020-35920
An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...