Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002011 advisory. Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAPNETADMIN capability a...

6.9CVSS6.5AI score0.00355EPSS
Exploits1References14
RedHat Linux
RedHat Linux
added 2024/01/30 1:13 p.m.6 views

kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags

An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00344EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/08 11:0 a.m.10 views

kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags

An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious too big networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00344EPSS
Exploits0References5
OSV
OSV
added 2023/07/06 7:0 p.m.7 views

USN-6207-1 linux-intel-iotg vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.6AI score0.01377EPSS
Exploits4References9
RedHat Linux
RedHat Linux
added 2023/03/27 8:7 a.m.11 views

kernel: tun: avoid double free in tun_free_netdev

A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the registernetdevice function fails NETDEVREGISTER notifier. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.8CVSS6.7AI score0.00456EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:14 a.m.5 views

SUSE CVE-2015-7295

hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...

5CVSS6.8AI score0.04935EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2016/01/04 12:0 a.m.24 views

FreeBSD : qemu -- denial of service vulnerability in virtio-net support (42cbd1e8-b152-11e5-9728-002590263bf5)

Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the Virtual Network Devicevirtio-net support is vulnerable to a DoS issue. It could occur while receiving large packets over the tuntap/macvtap interfaces and when guest's virtio-net driver did not support...

5CVSS7.4AI score0.04935EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2015/11/26 12:0 a.m.6 views

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability in the hw/virtio/virtio.c module of the QEMU virtualized hardware device support mechanism is caused by buffer overflow. Exploiting this vulnerability allows an attacker to cause a service failure by sending large amounts of data to the tuntap or macvtap interfaces when the buff...

5CVSS7.6AI score0.04935EPSS
Exploits0References6
OSV
OSV
added 2015/11/09 4:59 p.m.2 views

DEBIAN-CVE-2015-7295

hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...

5CVSS6.8AI score0.04935EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2015/11/09 12:0 a.m.27 views

CVE-2015-7295

hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...

5CVSS7.1AI score0.04935EPSS
Exploits0References3
OSV
OSV
added 2015/11/09 12:0 a.m.7 views

UBUNTU-CVE-2015-7295

hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...

5CVSS7.2AI score0.04935EPSS
Exploits0References4
Mageia
Mageia
added 2015/10/13 10:40 p.m.64 views

Updated qemu packages fixes security vulnerabilities

Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service QEMU process crash. CVE-2015-5278 Qinghao Tang of QIHU 360 Inc. discovered a heap buffer overflow flaw in the NE2000 NIC emulation....

7.2CVSS8.7AI score0.04935EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2015/09/18 12:0 a.m.34 views

qemu -- denial of service vulnerability in virtio-net support

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the Virtual Network Devicevirtio-net support is vulnerable to a DoS issue. It could occur while receiving large packets over the tuntap/macvtap interfaces and when guest's virtio-net driver did not support...

5CVSS7.6AI score0.04935EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.57 views

Ubuntu Update for linux USN-2049-1

Check for the Version of linux OpenVAS Vulnerability Test $Id: gbubuntuUSN20491.nasl 7958 2017-12-01 06:47:47Z santu $ Ubuntu Update for linux USN-2049-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; yo...

6.9CVSS0.1AI score0.04144EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2013/12/09 12:0 a.m.48 views

Ubuntu 13.10 : linux vulnerabilities (USN-2049-1)

Miroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. CVE-2013-4270 A flaw was discovered in the Linux kernel's dm snapshot facility. ...

6.9CVSS6.8AI score0.04144EPSS
Exploits7References7
securityvulns
securityvulns
added 2013/12/09 12:0 a.m.95 views

[USN-2049-1] Linux kernel vulnerabilities

========================================================================== Ubuntu Security Notice USN-2049-1 December 07, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

6.9CVSS0.1AI score0.04144EPSS
Exploits7
Ubuntu
Ubuntu
added 2013/12/07 3:54 p.m.89 views

USN-2049-1: Linux kernel vulnerabilities

Miroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. CVE-2013-4270 A flaw was discovered in the Linux kernel's dm snapshot facility. ...

6.9CVSS7AI score0.04144EPSS
Exploits11
securityvulns
securityvulns
added 2013/11/26 12:0 a.m.57 views

Linux kernel security vulnerabilities

DoS conditions, information leakage, tuntap interface privilege escalation, bt8xx driver privilege escalation, IPv6 ICTP, UDP offload, ipip memory corruptions...

7.1CVSS2.5AI score0.09408EPSS
Exploits8References6Affected Software1
OpenVAS
OpenVAS
added 2013/11/18 12:0 a.m.40 views

Ubuntu Update for linux-lts-raring USN-2020-1

Check for the Version of linux-lts-raring OpenVAS Vulnerability Test $Id: gbubuntuUSN20201.nasl 8542 2018-01-26 06:57:28Z teissa $ Ubuntu Update for linux-lts-raring USN-2020-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This progr...

6.9CVSS0.1AI score0.0181EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2013/11/18 12:0 a.m.50 views

Ubuntu: Security Advisory (USN-2020-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS7.3AI score0.0181EPSS
Exploits2References2
Rows per page
Query Builder