Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-1086

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Apr, 2010 | 22:00
Updated At-07 Aug, 2024 | 01:14
Rejected At-
Credits

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Apr, 2010 | 22:00
Updated At:07 Aug, 2024 | 01:14
Rejected At:
▼CVE Numbering Authority (CNA)

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2010/03/01/1
mailing-list
x_refsource_MLIST
http://www.redhat.com/support/errata/RHSA-2010-0394.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/39649
third-party-advisory
x_refsource_SECUNIA
https://bugzilla.redhat.com/show_bug.cgi?id=569237
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569
vdb-entry
signature
x_refsource_OVAL
http://support.avaya.com/css/P8/documents/100090459
x_refsource_CONFIRM
http://secunia.com/advisories/43315
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2010-0398.html
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
vendor-advisory
x_refsource_SUSE
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
vendor-advisory
x_refsource_SUSE
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
http://secunia.com/advisories/39742
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/css/P8/documents/100088287
x_refsource_CONFIRM
http://www.debian.org/security/2010/dsa-2053
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/archive/1/516397/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/39830
third-party-advisory
x_refsource_SECUNIA
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d
x_refsource_CONFIRM
http://www.securityfocus.com/bid/38479
vdb-entry
x_refsource_BID
Hyperlink: http://www.openwall.com/lists/oss-security/2010/03/01/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0394.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/39649
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=569237
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://support.avaya.com/css/P8/documents/100090459
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/43315
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0398.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.novell.com/linux/security/advisories/2010_23_kernel.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/39742
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://support.avaya.com/css/P8/documents/100088287
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2010/dsa-2053
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/39830
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/38479
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2010/03/01/1
mailing-list
x_refsource_MLIST
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0394.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/39649
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=569237
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://support.avaya.com/css/P8/documents/100090459
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/43315
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0398.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.novell.com/linux/security/advisories/2010_23_kernel.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/39742
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://support.avaya.com/css/P8/documents/100088287
x_refsource_CONFIRM
x_transferred
http://www.debian.org/security/2010/dsa-2053
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/archive/1/516397/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/39830
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/38479
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2010/03/01/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0394.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/39649
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=569237
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://support.avaya.com/css/P8/documents/100090459
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/43315
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0398.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2010_23_kernel.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/39742
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://support.avaya.com/css/P8/documents/100088287
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2010/dsa-2053
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/39830
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/38479
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:06 Apr, 2010 | 22:30
Updated At:11 Apr, 2025 | 00:51

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions up to 2.6.33(inclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>5.0
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2010-04-07T00:00:00

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2010-1086 This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for ULE (Unidirectional Lightweight Encapsulation). A future update in Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG may address this flaw.

References
HyperlinkSourceResource
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151dcve@mitre.org
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.htmlcve@mitre.org
Mailing List
Third Party Advisory
http://secunia.com/advisories/39649cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/39742cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/39830cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/43315cve@mitre.org
Third Party Advisory
http://support.avaya.com/css/P8/documents/100088287cve@mitre.org
Third Party Advisory
http://support.avaya.com/css/P8/documents/100090459cve@mitre.org
Third Party Advisory
http://www.debian.org/security/2010/dsa-2053cve@mitre.org
Third Party Advisory
http://www.novell.com/linux/security/advisories/2010_23_kernel.htmlcve@mitre.org
Third Party Advisory
http://www.openwall.com/lists/oss-security/2010/03/01/1cve@mitre.org
Mailing List
Patch
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0394.htmlcve@mitre.org
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0398.htmlcve@mitre.org
Third Party Advisory
http://www.securityfocus.com/archive/1/516397/100/0/threadedcve@mitre.org
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/38479cve@mitre.org
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlcve@mitre.org
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=569237cve@mitre.org
Issue Tracking
Patch
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569cve@mitre.org
Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151daf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://secunia.com/advisories/39649af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/39742af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/39830af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43315af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.avaya.com/css/P8/documents/100088287af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.avaya.com/css/P8/documents/100090459af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2010/dsa-2053af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.novell.com/linux/security/advisories/2010_23_kernel.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.openwall.com/lists/oss-security/2010/03/01/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0394.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0398.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/archive/1/516397/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/38479af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=569237af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://secunia.com/advisories/39649
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/39742
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/39830
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43315
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://support.avaya.com/css/P8/documents/100088287
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://support.avaya.com/css/P8/documents/100090459
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2010/dsa-2053
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.novell.com/linux/security/advisories/2010_23_kernel.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2010/03/01/1
Source: cve@mitre.org
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0394.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0398.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/38479
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=569237
Source: cve@mitre.org
Resource:
Issue Tracking
Patch
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=29e1fa3565a7951cc415c634eb2b78dbdbee151d
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://secunia.com/advisories/39649
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/39742
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/39830
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43315
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://support.avaya.com/css/P8/documents/100088287
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://support.avaya.com/css/P8/documents/100090459
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2010/dsa-2053
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.novell.com/linux/security/advisories/2010_23_kernel.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2010/03/01/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0394.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0398.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/archive/1/516397/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/38479
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vmware.com/security/advisories/VMSA-2011-0003.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=569237
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Patch
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10569
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

211Records found
CVE-2015-4047
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-3.59% / 87.30%
||
7 Day CHG~0.00%
Published-29 May, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

Action-Not Available
Vendor-ipsec-toolsn/aFedora ProjectDebian GNU/LinuxF5, Inc.Canonical Ltd.
Product-big-iq_devicebig-iq_adcbig-ip_protocol_security_managerbig-ip_analyticsenterprise_managerbig-iq_centralized_managementbig-ip_local_traffic_managerbig-ip_domain_name_systembig-iq_securitydebian_linuxbig-ip_advanced_firewall_managerbig-iq_cloudbig-ip_link_controllerbig-ip_edge_gatewayfedorabig-ip_application_acceleration_managerbig-ip_wan_optimization_managerubuntu_linuxbig-ip_application_security_managerbig-ip_global_traffic_managerbig-ip_webacceleratorbig-iq_cloud_and_orchestrationipsec-toolsbig-ip_policy_enforcement_managerbig-ip_access_policy_managern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-1465
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-7.72% / 91.57%
||
7 Day CHG~0.00%
Published-05 Apr, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-linux_kernelubuntu_linuxn/a
CVE-2015-1779
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.6||HIGH
EPSS-5.08% / 89.39%
||
7 Day CHG~0.00%
Published-12 Jan, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.Fedora ProjectDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-enterprise_linuxenterprise_linux_serverenterprise_linux_server_ausqemuenterprise_linux_eusfedoraubuntu_linuxenterprise_linux_server_tusenterprise_linux_workstationdebian_linuxlinuxvirtualizationn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2015-1414
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.56% / 67.41%
||
7 Day CHG~0.00%
Published-27 Feb, 2015 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which triggers an incorrect size calculation and allocation of insufficient memory.

Action-Not Available
Vendor-netgaten/aDebian GNU/LinuxFreeBSD Foundation
Product-debian_linuxfreebsdpfsensen/a
CVE-2014-9428
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-7.8||HIGH
EPSS-2.95% / 85.93%
||
7 Day CHG~0.00%
Published-02 Jan, 2015 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers to cause a denial of service (mesh-node system crash) via fragmented packets.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2018-20843
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.69% / 90.04%
||
7 Day CHG~0.00%
Published-24 Jun, 2019 | 16:06
Updated-30 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

Action-Not Available
Vendor-libexpat_projectn/aOracle CorporationopenSUSEDebian GNU/LinuxFedora ProjectTenable, Inc.Canonical Ltd.
Product-hospitality_res_3700outside_in_technologynessuslibexpatleapfedoradebian_linuxubuntu_linuxhttp_servern/a
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2013-7445
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-1.13% / 77.43%
||
7 Day CHG~0.00%
Published-16 Oct, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CVE-2021-20312
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.14%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 00:00
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in ImageMagick in versions 7.0.11, where an integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c may trigger undefined behavior via a crafted image file that is submitted by an attacker and processed by an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxImageMagick Studio LLC
Product-debian_linuximagemagickImageMagick
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-20309
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.57% / 67.61%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 00:00
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in ImageMagick in versions before 7.0.11 and before 6.9.12, where a division by zero in WaveImage() of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxImageMagick Studio LLC
Product-debian_linuximagemagickImagemMagick
CWE ID-CWE-369
Divide By Zero
CVE-2017-12545
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-8
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.5||HIGH
EPSS-15.51% / 94.41%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 22:00
Updated-17 Sep, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found.

Action-Not Available
Vendor-Microsoft CorporationHewlett Packard Enterprise (HPE)HP Inc.Linux Kernel Organization, Inc
Product-windowssystem_management_homepagelinux_kernelSystem Management Homepage for Windows and Linux
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-6014
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 61.30%
||
7 Day CHG~0.00%
Published-17 Feb, 2017 | 07:45
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-debian_linuxwiresharkn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found