EUVD-2015-1245

Malware in sbrugna...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-410269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-410269 advisory. In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-l...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-49948)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49948 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to...

CVE-2024-50033

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

CVE-2024-50033 slip: make slhc_remember() more robust against malicious packets

In the Linux kernel, the following vulnerability has been resolved: slip: make slhcremember more robust against malicious packets syzbot found that slhcremember was missing checks against malicious packets 1. slhcremember only checked the size of the packet was at least 20, which is not good...

CVE-2024-49948

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...

AZL-52620 CVE-2024-49948 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...

CVE-2024-49948 net: add more sanity checks to qdisc_pkt_len_init()

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...

CVE-2024-49948 net: add more sanity checks to qdisc_pkt_len_init()

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...

How To Enable Citrix SD-WAN Auto MTU Detect Feature

This article describes how to enable Citrix SD-WAN auto MTU detect feature. Background Adding headers to packets affect the maximum transmission MTU size Downstream devices may do their own encapsulation as well e.g. VPNs The per packet delivery that the Virtual WAN provides is accomplished by...

Design/Logic Flaw

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 does not properly handle TCP headers, which allows man-in-the-middle attackers to cause a denial of service via unspecified vectors...

CVE-2015-1102

CVE-2015-1102 affects the Apple kernel in iOS before 8.3, OS X before 10.10.3, and Apple TV before 7.2, where improper handling of TCP headers can be exploited to cause a denial of service via unspecified vectors. The vulnerability allows a MITM-style condition that can crash or stall the device ...

Ubuntu 8.10 : linux regression (USN-661-1)

Version 2.6.27 of the Linux kernel changed the order of options in TCP headers. While this change was RFC-compliant, it was found that some old routers and consumer DSL modems would not route traffic for these systems when TCP timestamps were enabled. As a workaround, TCP timestamps were disabled...

Ubuntu: Security Advisory (USN-661-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-661-1: Linux kernel regression

Version 2.6.27 of the Linux kernel changed the order of options in TCP headers. While this change was RFC-compliant, it was found that some old routers and consumer DSL modems would not route traffic for these systems when TCP timestamps were enabled. As a workaround, TCP timestamps were disabled...

IPFilter 3.x - Fragment Rule Bypass

IPFilter 3.x - Fragment Rule Bypass source: https://www.securityfocus.com/bid/2545/info IPFilter is a packet filtering implementation that is in wide use on a variety of Unix systems. There exists a vulnerability in IPFilter that can allow an attacker to communicate with blocked ports on hosts...