ROS-20251202-02

Vulnerability of recvmsg function of Linux kernel is related to buffer copying without input data verification. input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service Vulnerability of tlsrxmsgsize function of tls component of...

PT-2024-2978 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the ch ktls component of the Linux kernel and is caused by the lack of synchronization locking. This can lead to a kernel panic when taking page refcount is not...

ROS-20231109-01

Go programming language vulnerability is related to insecure external control of critical state data state when processing the setuid and setgid attributes. Exploitation of the vulnerability could allow an attacker, acting remotely, escalate their privileges and gain access to read, modify, or...

CVE-2022-4087

A vulnerability was found in ipxe. This issue affects the tlsnewciphertext function in the src/net/tls.c file of the TLS component. The manipulation of the padlen argument leads to information exposure due to discrepancy...

ICS-CERT Warns of Heartbleed Vulnerabilities in Siemens Gear

A number of ICS products from Siemens and Innominate are vulnerable to the OpenSSL heartbleed flaw, some of which do not have updates available yet. The list of products affected by the heartbleed vulnerability continues to grow by the day, with OpenVPN being one of the latest. A researcher on...