16 matches found
AZL-73063 CVE-2025-68362 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb The rtl8187_rx_cb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...
UBUNTU-CVE-2025-68362
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb The rtl8187_rx_cb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...
CVE-2025-68362
The CVE-2025-68362 entry documents a buffer underflow in the Linux kernel’s wifi rtl8187/rtl8187b path (rtl8187_rx_cb). The issue arises when a truncated skb (skb->len from urb->actual_length) is used to calculate the rx descriptor header address, potentially reading memory before the skb s...
PT-2025-52898
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s wifi subsystem, specifically within the rtl818x and rtl8187 drivers. The rtl8187_rx_cb function calculates the receive descriptor header address by...
Linux Distros Unpatched Vulnerability : CVE-2025-29915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by...
CVE-2025-29915
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...
UBUNTU-CVE-2025-29915
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...
CVE-2025-29915
CVE-2025-29915 affects Suricata, where the AF_PACKET defrag option being enabled by default allows AF_PACKET to re-assemble fragmented packets before they reach Suricata. The default packet size is tied to the interface MTU, causing Suricata to see truncated packets and potentially degrade visibi...
CVE-2025-29915 Suricata af-packet: defrag option can lead to truncated packets affecting visibility
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...
CVE-2025-29915 Suricata af-packet: defrag option can lead to truncated packets affecting visibility
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. The AF_PACKET defrag option is enabled by default and allows AF_PACKET to re-assemble fragmented packets before reaching Suricata. However the default packet size in Suricata is bas...
PT-2025-11966 · Suricata +1
Name of the Vulnerable Software and Affected Versions: Suricata versions affected versions not specified Description: The issue is related to the af-packet defrag option, which can lead to truncated packets. This affects Suricata in Debian Linux. No information is provided about the estimated...
Security Bulletin: OpenSSL vulnerability affects IBM Security Guardium (CVE-2017-3731)
Summary OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read when using a specific cipher. Vulnerability Details CVEID: CVE-2017-3731 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read when using a specific cipher. By sending...
ALPINE-CVE-2017-3731
If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...
Oracle Linux 6 / 7 : openssl (ELSA-2017-0286)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0286 advisory. - fix CVE-2017-3731 - DoS via truncated packets with RC4-MD5 cipher Tenable has extracted the preceding description block directly from the Oracle...
USN-3181-1 openssl vulnerabilities
Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were...
USN-3181-1: OpenSSL vulnerabilities
Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were...