exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2022-32296

Status Candidate

Overview

The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

Related Files

Ubuntu Security Notice USN-5695-1
Posted Oct 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5695-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-0812, CVE-2022-2318, CVE-2022-26365, CVE-2022-32296, CVE-2022-33740, CVE-2022-33744
SHA-256 | 24debba98266b5e8e24734da3cfae7e77580075aa9e13660bf0442c6c99a9d63
Ubuntu Security Notice USN-5687-1
Posted Oct 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5687-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-0812, CVE-2022-2318, CVE-2022-26365, CVE-2022-32296, CVE-2022-33740, CVE-2022-33744
SHA-256 | 7abb15cb3a8fd976c2fb718557dcb533ef6f9e621955f28e24154ed47b76c066
Ubuntu Security Notice USN-5684-1
Posted Oct 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5684-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-0812, CVE-2022-2318, CVE-2022-26365, CVE-2022-32296, CVE-2022-33740, CVE-2022-33744
SHA-256 | a66cd519f4b4c1444519d3beb35f8e367fabb3df332f2f475aef311b35f03f09
Ubuntu Security Notice USN-5679-1
Posted Oct 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5679-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-0812, CVE-2022-2318, CVE-2022-26365, CVE-2022-32296, CVE-2022-33740, CVE-2022-33744
SHA-256 | d50b77e88f3f70f5dfe3ac55f0c893d67ca42297fe2bbd2757e9ba2beab52f0d
Ubuntu Security Notice USN-5678-1
Posted Oct 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5678-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-0812, CVE-2022-2318, CVE-2022-26365, CVE-2022-32296, CVE-2022-33740, CVE-2022-33744
SHA-256 | 0a03c1780f2221d5e4b4a416dd2a94e74f076c18097d8efbdc44c7d0e564fa82
Ubuntu Security Notice USN-5669-1
Posted Oct 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5669-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-0812, CVE-2022-2318, CVE-2022-26365, CVE-2022-32296, CVE-2022-33740, CVE-2022-33744
SHA-256 | bb436ae63b3f91c9dfed130a86644c3894b7ad882173b42202f825bfc7a1644c
Ubuntu Security Notice USN-5669-2
Posted Oct 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5669-2 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-0812, CVE-2022-2318, CVE-2022-26365, CVE-2022-32296, CVE-2022-33740, CVE-2022-33744
SHA-256 | b2d9860dd11d25287d01ff35739e97ef4f64df7bf6643f2f2531e73e03bd7e57
Ubuntu Security Notice USN-5660-1
Posted Oct 6, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5660-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | 3fa9c60ebc5c735b20c3f02fb40da4128363e66b4616625f948ee4c8c71b6ca8
Ubuntu Security Notice USN-5654-1
Posted Oct 5, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5654-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | fcef8524d85c9359df4ccd3789bdc823a684d3646a9a354909cc72b92658548a
Ubuntu Security Notice USN-5647-1
Posted Sep 29, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5647-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | f646132213ac5199fd0835b743af47740f9030b83556dc9ad35a5af5da00ade0
Ubuntu Security Notice USN-5639-1
Posted Sep 27, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5639-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | 096894dc371668fb2eeabb28308ddc62fdaa1c1a1d4f97b060b48eefdd5f6586
Ubuntu Security Notice USN-5630-1
Posted Sep 23, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5630-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | c7c0c0227fda6e6bf4499a2c48b667c084b37cc6c2d87ab84b3410ec00d70af1
Ubuntu Security Notice USN-5623-1
Posted Sep 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5623-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33061, CVE-2021-33655, CVE-2022-1729, CVE-2022-1852, CVE-2022-1943, CVE-2022-1973, CVE-2022-2318, CVE-2022-2503, CVE-2022-26365, CVE-2022-2873, CVE-2022-2959, CVE-2022-32296, CVE-2022-33740, CVE-2022-33743
SHA-256 | 66e07fde9b2f0ceb8d17443fb1c31d6a38d2a48d2df851450322abe3437cfe75
Ubuntu Security Notice USN-5622-1
Posted Sep 21, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5622-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33655, CVE-2022-1729, CVE-2022-2503, CVE-2022-32296, CVE-2022-36946
SHA-256 | 5c33f90fb992303748572c66b36601509148fb06281517205f43d8b46f9c7a99
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close