exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

CVE-2020-1749

Status Candidate

Overview

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.

Related Files

Ubuntu Security Notice USN-6262-1
Posted Jul 31, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6262-1 - It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. It was discovered that Wireshark did not properly handle certain GVCP packages. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2020-13164, CVE-2020-15466, CVE-2020-17498, CVE-2020-25862, CVE-2020-25863
SHA-256 | a2075872cd77cf9a317690bbe65aeb0bc05f54e68f7501ad7a5514e88942fcd9
Red Hat Security Advisory 2021-0354-01
Posted Feb 2, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0354-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include a use-after-free vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-15436, CVE-2020-1749, CVE-2020-29661
SHA-256 | 61fd5b2885db736fff66a1fa2e6b36667dab7cdf7afd0f360c7b88a7f36ab487
Debian Security Advisory 4837-1
Posted Jan 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4837-1 - Several vulnerabilities were discovered in salt, a powerful remote execution manager. The flaws could result in authentication bypass and invocation of Salt SSH, creation of certificates with weak file permissions via the TLS execution module or shell injections with the Salt API using the SSH client.

tags | advisory, remote, shell, vulnerability
systems | linux, debian
advisories | CVE-2020-16846, CVE-2020-17490, CVE-2020-25592
SHA-256 | 1265eaac9da5321225abc341caa107482a2babd057291d3ade1956f641263f64
Gentoo Linux Security Advisory 202011-13
Posted Nov 11, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202011-13 - Multiple vulnerabilities have been found in Salt, the worst of which could result in the arbitrary execution of code. Versions less than 3000.5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-16846, CVE-2020-17490, CVE-2020-25592
SHA-256 | abb5e03a5ec887de7abc41bf6db230426d3a812179a8d18df5eca701d9593ba9
Gentoo Linux Security Advisory 202008-14
Posted Aug 27, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202008-14 - A vulnerability in Wireshark could lead to a Denial of Service condition. Versions less than 3.2.6 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2020-17498
SHA-256 | 1e745d3f44450ee5f3ff173318a642583a2f861a43f9f1ec7f4117a0f3560687
Wireshark Analyzer 3.2.6
Posted Aug 13, 2020
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Multiple bug fixes including a dissector crash.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2020-17498
SHA-256 | ebb1eebe39bcecee02195dc328dd25f6862fc9e9dea4c2e29eae50537d5eb4f2
Ubuntu Security Notice USN-4388-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4388-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0067, CVE-2020-0543, CVE-2020-12114, CVE-2020-12464, CVE-2020-12659, CVE-2020-1749
SHA-256 | 24b25c54711167debfb3a1de96a5ccaa82b46c8875ceb35c4dff6a5f8c785c0b
Ubuntu Security Notice USN-4391-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4391-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle setxattr operations in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19319, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-12769, CVE-2020-12826, CVE-2020-1749
SHA-256 | e0a6c38a113dc261822095ed2e1b728d5bf4288b2229b470472eb7d9064118a4
Ubuntu Security Notice USN-4390-1
Posted Jun 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4390-1 - It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-0067, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-1749
SHA-256 | e5d410bb0a6f3e7d3022679274328cddc80018c6f7dbebfd3e18c23532085b9d
Red Hat Security Advisory 2020-1567-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1567-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-16871, CVE-2019-10639, CVE-2019-15090, CVE-2019-15099, CVE-2019-15221, CVE-2019-17053, CVE-2019-17055, CVE-2019-18805, CVE-2019-19057, CVE-2019-19073, CVE-2019-19074, CVE-2019-19534, CVE-2019-19768, CVE-2019-19922, CVE-2019-8980, CVE-2020-1749
SHA-256 | 4d14b94bafdee251e54f1794da92fba753b363e03e9280972aa701a91982329a
Red Hat Security Advisory 2020-1769-01
Posted Apr 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1769-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, information leakage, integer overflow, null pointer, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-16871, CVE-2019-10639, CVE-2019-15090, CVE-2019-15099, CVE-2019-15221, CVE-2019-17053, CVE-2019-17055, CVE-2019-18805, CVE-2019-19057, CVE-2019-19073, CVE-2019-19074, CVE-2019-19534, CVE-2019-19768, CVE-2019-19922, CVE-2019-8980, CVE-2020-1749
SHA-256 | b3605c32b8f528963f869695ca9be893e0dcb7b2fe7d7839472a42d2bf6c36f0
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close