K000135242: Linux kernel vulnerability CVE-2023-1390

Security Advisory Description A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer...

F5 Networks BIG-IP : BIG-IP HTTP/2 profile vulnerability (K56676554)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K56676554 advisory. - On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in versio...

F5 Networks BIG-IP : BIG-IP TMM SSL vulnerability (K000133132)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K000133132 advisory. - When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU ...

F5 Networks BIG-IP : BIG-IP Packet Filters vulnerability (K31856317)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K31856317 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1....

[SECURITY] Fedora 37 Update: rust-below-0.6.3-4.fc37

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

Wrong WhitePaperInterestRateModel block per year calculations incur losses for users and the protocol

Lines of code Vulnerability details Vulnerability Details Blocks per year calculations in WhitePaperInterestRateModel improperly assume 15 seconds block time, while on Binance Smart Chain it’s 3 seconds. This has grave consequences, because it is used in calculating borrower’s interest rate and...

Intel QuickAssist Technology 缓冲区错误漏洞

Intel QuickAssist Technology is an Intel technology that improves server utilization. The technology improves server efficiency by sharing the stress of compute-intensive tasks to equalize server pressure. A security vulnerability exists in Intel QuickAssist Technology. An attacker could exploit...

F5 BIG-IP Resource Management Error Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. F5 BIG-IP suffers from a resource management error vulnerability that originates from uncontrolled resource consumption by an...

CVE-2023-24594

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Code injection

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-24594 BIG-IP TMM SSL vulnerability

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-24594

CVE-2023-24594 affects F5 BIG-IP: when an SSL profile is configured on a Virtual Server, undisclosed traffic can cause increased CPU/SSL accelerator resource utilization (data-plane DoS). Affected BIG-IP branches include 17.x (fix: 17.0.0), 16.x (fix: 16.1.2.1), 15.x (fix: 15.1.5), 14.x (fix: 14....

growthpotential.eu Cross Site Scripting vulnerability OBB-3260121

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability

A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient input validation of...

Denial of service

PDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue ...

CVE-2023-28428 PDFio vulnerable to Denial Of Service when opening a corrupt PDF file

PDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue ...

CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

Race condition

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation. A security vulnerability exists in the Linux kernel, which stems from a problem with the while loop in tipclinkxmit when trying to parse a SKB that is not in a queue, and can be exploited to cause ...