
30 matches found

AstraLinux
added 2025/11/01 10:54 a.m. · 3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: calipso: Fixed a null-ptr-deref in calipso_req_{set,del}attr. Syzkaller reported a null-ptr-deref in sock_omalloc when allocating a CALIPSO option. The NULL value referred to struct sock, which was accessed by sk_to_full_sk in...

5.5 CVSS · 6.2 AI score · 0.00172 EPSS
Exploits 0 · References 3
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2003-1220

Malware in sbrugna...

6.4 CVSS · 7.5 AI score · 0.01351 EPSS
Exploits 0 · References 6
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2018-17281

Malware in sbrugna...

7.8 CVSS · 7.6 AI score · 0.03058 EPSS
Exploits 0 · References 4
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2015-7992

Malware in sbrugna...

5.9 CVSS · 5.8 AI score · 0.01998 EPSS
Exploits 0 · References 4
RedHat Linux
added 2024/12/04 12:19 a.m. · 0 views

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

5.5 CVSS · 6.8 AI score · 0.00227 EPSS
Exploits 0 · References 6
RedHat Linux
added 2024/08/13 3:9 p.m. · 3 views

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

5.5 CVSS · 6.8 AI score · 0.00227 EPSS
Exploits 0 · References 6
RedHat Linux
added 2024/07/02 9:2 a.m. · 2 views

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

5.5 CVSS · 6.8 AI score · 0.00227 EPSS
Exploits 0 · References 6
RedhatCVE
added 2024/05/29 12:25 p.m. · 50 views

CVE-2023-52881

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...

5.9 CVSS · 6.3 AI score · 0.00227 EPSS
Exploits 0 · References 5
F5 Networks
added 2023/02/21 7:41 p.m. · 53 views

K35358312: TCP vulnerability CVE-2015-8099

Security Advisory Description: Under limited conditions, an invalid TCP segment can lead to a Denial of Service for the High-Speed Bridge (HSB) on the following platforms: 3900, 6900, 8900, 8950, 11000, 11050, PB100 or PB200. This issue is only exposed on virtual servers while Software SYN cookies a...

5.9 CVSS · 6.1 AI score · 0.01998 EPSS
Exploits 0 · Affected Software 21
OSV
added 2023/02/01 6:15 p.m. · 5 views

CVE-2023-22839

On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests...

7.5 CVSS · 7.1 AI score · 0.00626 EPSS
Exploits 0 · References 1
Positive Technologies
added 2023/02/01 12:0 a.m. · 4 views

PT-2023-7389 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions 13.1.x; BIG-IP versions 14.1.x before 14.1.5.3; BIG-IP versions 15.1.x before 15.1.8.1; BIG-IP versions 16.1.x before 16.1.3.3; BIG-IP versions 17.0.x before 17.0.0.2. Description: The issue is related to the Traffic Management...

7.8 CVSS · 7.3 AI score · 0.00626 EPSS
Exploits 0 · References 6
Vulnrichment
added 2022/10/19 9:18 p.m. · 4 views

CVE-2022-36795 BIG-IP software SYN cookies vulnerability CVE-2022-36795

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connectio...

5.3 CVSS · 7.5 AI score · 0.00616 EPSS
Exploits 0 · References 1
Cvelist
added 2022/10/19 9:18 p.m. · 25 views

CVE-2022-36795 BIG-IP software SYN cookies vulnerability CVE-2022-36795

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connectio...

5.3 CVSS · 7.6 AI score · 0.00616 EPSS
Exploits 0 · References 1
Ivan 'd0znpp' Novikov
added 2021/07/27 2:6 p.m. · 311 views

What is SYN Spoofing or TCP Reset Attack❓

Syn Spoofing or TCP Reset Attack is a type of attack in which attackers send forged TCP RST (Reset) packets to the host. This is the most common attack on the Internet which is causing a lot of problems. These attacks are mainly performed to shut down the websites which are not working with them...

1.3 AI score
Exploits 0
OpenVAS
added 2019/01/24 12:0 a.m. · 8 views

Linux: TCP SYN Cookies

Normally, a client sends a SYN to the server, which responds and holds state information in the TCP stack. In a SYN flood, the generated SYN packets consume all available TCP memory, leading the server to deny service. The TCP SYN cookie is a mechanism to resist such SYN flood attacks. This script...

7 AI score
Exploits 0 · References 5
NVD
added 2018/05/02 1:29 p.m. · 23 views

CVE-2018-5512

On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart...

7.8 CVSS · 7.5 AI score · 0.03058 EPSS
Exploits 0 · References 3
Prion
added 2018/05/02 1:29 p.m. · 14 views

Design/Logic Flaw

On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart...

7.8 CVSS · 7.5 AI score · 0.03058 EPSS
Exploits 0 · References 3 · Affected Software 13
Cvelist
added 2018/05/02 1:0 p.m. · 17 views

CVE-2018-5512

On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart...

7.5 AI score · 0.03058 EPSS
Exploits 0 · References 3
CNVD
added 2018/05/02 12:0 a.m. · 3 views

Denial of Service Vulnerability in Multiple F5 Products (CNVD-2018-10114)

F5 BIG-IP LTM, etc. are products of F5 Corporation, U.S.A. F5 BIG-IP LTM is a local traffic manager; BIG-IP AAM is an application acceleration manager. A security vulnerability exists in several F5 products. When Large Receive Offload and SYN cookies are turned on, an attacker can exploit the...

6.3 CVSS · 6.4 AI score · 0.03356 EPSS
Exploits 0 · References 1
OSV
added 2017/05/09 3:29 p.m. · 4 views

CVE-2017-6137

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disrupti...

5.9 CVSS · 5.8 AI score
Exploits 0 · References 2