CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().

@@ -0,0 +1,7 @@

IP (tos 0x4, ttl 64, id 3584, offset 0, flags \[none\], proto ICMP (1), length 23, bad cksum a (->1e0f)!)

22.3.2.0 > 54.209.0.0: ICMP type-#49, length 3\[|icmp\]

IP (tos 0x4, ttl 64, id 32512, offset 0, flags \[none\], proto VRRP (112), length 31, bad cksum 82 (->db96)!)

22.3.211.0 > 54.209.0.0: vrrp 22.3.211.0 > 54.209.0.0: VRRPv3, Advertisement, (ttl 64), vrid 128, prio 69\[|vrrp\]

c0:05:ff:ff:40:9d > 00:0c:02:49:96:7e, ethertype Unknown (0xf1ff), length 65570:

0x0000: 4404 0020 0e00 0000 4070 000a 1603 0200 D.......@p......

0x0010: 36d1 0000 3180 bc 6...1..

Headline

CVE-2018-14462: (for 4.9.3) CVE-2018-14462/ICMP: Add a missing bounds check · the-tcpdump-group/tcpdump@1a1bce0

CVE: Latest News