Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: For GRE packets, tunnelcsumstart is used instead of the transport header. For GRE packets with TUNNELCSUM, local checksum offloading is applied to CHECKSUMPARTIAL packets. The ipGRExmit function must validate csumstart after an...

SUSE CVE-2023-54148

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanuptx For IP tunnel encapsulation in ECMP Equal-Cost Multipath mode, as the flow is duplicated to the peer eswitch, the related neighbour information on the peer uplink...

PT-2025-53225

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the net/mlx5e module related to the handling of neighbor information during ECMP Equal-Cost Multipath mode with IP tunnel encapsulation. Specifically,...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not calculating the size of the lightweight tunnel encapsulation for all sibling nodes, which could lead to...

Juniper Junos OS Vulnerability (JSA79095)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79095 advisory. - An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based...

CVE-2024-30395

An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service DoS. If a BGP update is received over an established BGP session which contains a tunnel...

CVE-2024-21598

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If a BGP update is received over an established BGP sessio...

CVE-2024-21598

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If a BGP update is received over an established BGP sessio...

CVE-2024-30395

CVE-2024-30395 describes an improper validation of a BGP tunnel encapsulation attribute in Junos OS and Junos OS Evolved RPD, leading to an unauthenticated, network-based DoS. A BGP update containing a specifically malformed TLV can cause Routing Protocol Daemon (rpd) to crash and restart. Affect...

CVE-2024-30395 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service DoS. If a BGP update is received over an established BGP session which contains a tunnel...

CVE-2024-21598 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If a BGP update is received over an established BGP sessio...

CVE-2024-21598 Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If a BGP update is received over an established BGP sessio...

CVE-2024-21598

CVE-2024-21598 affects Juniper Networks Junos OS and Junos OS Evolved, where the Routing Protocol Daemon (rpd) crashes and restarts when receiving a BGP update containing a malformed TLV in a tunnel encapsulation attribute. This is due to improper validation of syntactic correctness of input. Imp...

Fedora 37 : frr (2023-ce436d56f8)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ce436d56f8 advisory. New version 8.5.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

SUSE SLES15 Security Update : quagga (SUSE-SU-2023:3836-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3836-1 advisory. - FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP...

CBL Mariner 2.0 Security Update: frr (CVE-2023-38802)

The version of frr installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-38802 advisory. - FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service vi...

AlmaLinux 9 : frr (ALSA-2023:5194)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5194 advisory. - FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute ...

Oracle Linux 8 : frr (ELSA-2023-5219)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5219 advisory. 7.5.1-7.0.1.2 - Fix BFD crash in FRR running in MetalLB BZ2231829 - Fix for CVE-2023-38802 Tenable has extracted the preceding description block directly from t...

frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router

A vulnerability was found in FRRouting FRR. This flaw allows a remote attacker to cause a denial of service issue via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...

frr: Incorrect handling of a error in parsing of an invalid section of a BGP update can de-peer a router

A vulnerability was found in FRRouting FRR. This flaw allows a remote attacker to cause a denial of service issue via a crafted BGP update with a corrupted attribute 23 Tunnel Encapsulation...