11 matches found
CVE-2022-50706
In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized raw_sendmsg() syzbot is hitting skb_assert_len() warning at __dev_queue_xmit() [1], for PF_IEEE802154 socket's zero-sized raw_sendmsg() request is hitting __dev_queue_xmit() with skb->len == 0. Since PF_IEEE802154...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of zero-length packets, which may result in a kernel warning...
CLSA-2025-1762181946 frr: Fix of CVE-2023-38406
CVE-2023-38406: fix BGP Flowspec NLRI overflow vulnerability where zero-length packets could cause packet processing errors...
EUVD-2007-4142
Malware in sbrugna...
OESA-2023-1312 c-ares security update
This is c-ares, an asynchronous resolver library. It is intended for applications which need to perform DNS queries without blocking, or need to perform multiple Security Fixes: c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a...
AZL-26937 CVE-2023-32067 affecting package nodejs for versions less than 16.20.1-2
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
AZL-26942 CVE-2023-32067 affecting package python-gevent for versions less than 21.1.2-3
c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interprets the 0 length as a graceful...
Bro Buffer Overflow Vulnerability
Bro is an open source framework for network analysis and security monitoring. A security vulnerability exists in the analyzer/protocol/dnp3/DNP3.cc file in Bro versions prior to 2.3.2, which stems from the program failing to properly handle packets of zero length. A remote attacker could exploit...
kernel: firewire: ohci: handle receive packets with a data length of zero
drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet tha...
Debian Security Advisory DSA 912-1 (centericq)
The remote host is missing an update to centericq announced via advisory DSA 912-1. Wernfried Haas discovered that centericq, a text-mode multi-protocol instant messenger client, can crash when it receives certain zero length packets and is directly connected to the Internet. For the old stable...
CVE-2005-3694
centericq 4.20.0-r3 with "Enable peer-to-peer communications" set allows remote attackers to cause a denial of service (segmentation fault and crash) via short zero-length packets, and possibly packets of length 1 or 2, as demonstrated using Nessus...