2 matches found
CVE-2018-5390
CVE-2018-5390 (SegmentSmack) affects Linux kernels 4.9+ where specially crafted TCP packets can trigger expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue(), potentially exhausting CPU and causing DoS. The Citrix advisory corroborates that TCP reassembly issues can lead to CPU sa...
CVE-2019-13115
CVE-2019-13115 affects libssh2 prior to 1.9.0, where kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c can overflow an integer, leading to an out-of-bounds read when processing server packets. The vulnerability could allow a remote attacker controlling a SSH server to disclose...