Tag
#dos
Ubuntu Security Notice 6972-1 - Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service.
Ubuntu Security Notice 6971-1 - It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.
Red Hat Security Advisory 2024-5433-03 - Red Hat OpenShift Container Platform release 4.14.35 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and memory exhaustion vulnerabilities.
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: 5015 - AENFTXT Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation 5015 - AENFTXT, a part of the FLEXHA 5000 I/O Modules, are affected: 5015 - AENFTXT: Version 2.011 3.2 Vulnerability Overview 3.2.1 Improper Input Validation CWE-20 An input validation vulnerability exists in the affected products when a manipulated PTP packet is sent, causing the secondary adapter to result in a major nonrecoverable fault. If exploited, a power cycle is required to recover the product. CVE-2024-6089 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). A CVSS v4 score has also been cal...
Debian Linux Security Advisory 5752-1 - Two vulnerabilities have been discovered in the IMAP implementation of large headers can result in high CPU usage, leading to denial of service.
Ubuntu Security Notice 6965-1 - It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges.
Ubuntu Security Notice 6966-2 - USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. Nan Wang discovered that Firefox did not properly handle type check in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service ...
Ubuntu Security Notice 6944-2 - USN-6944-1 fixed CVE-2024-7264 for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. This update provides the corresponding fix for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents.
Ubuntu Security Notice 6970-1 - It was discovered that exfatprogs incorrectly handled certain memory operations. If a user or automated system were tricked into handling specially crafted exfat partitions, a remote attacker could use this issue to cause exfatprogs to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2024-5690-03 - An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include denial of service and heap overflow vulnerabilities.