Search CVE reports
1 – 6 of 6 results
A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of the file src/apps/snmp/snmp_msg.c of the component snmpv3 USM Handler. Performing a manipulation of the...
1 affected package
lwip
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| lwip | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
TinyDir is a lightweight C directory and file reader. Buffer overflows in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6.
4 affected packages
gemmi, falcosecurity-libs, lwip, tcl8.6
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| gemmi | Needs evaluation | Needs evaluation | Needs evaluation | Not in release | Ignored |
| falcosecurity-libs | Needs evaluation | Needs evaluation | Not in release | Not in release | Ignored |
| lwip | Not affected | Not affected | Not affected | Not affected | Ignored |
| tcl8.6 | Not affected | Not affected | Not affected | Not affected | Not affected |
A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet.
1 affected package
lwip
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| lwip | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.
1 affected package
lwip
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| lwip | Not affected | Not affected | Not affected | Vulnerable | Not in release |
Some fixes available 17 of 19
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
2 affected packages
ppp, lwip
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| ppp | Fixed | Fixed | Fixed | Fixed | Fixed |
| lwip | Not affected | Not affected | Not affected | Needs evaluation | Not in release |
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier, does not use random values for ID fields and source ports of DNS query packets, which makes it easier for man-in-the-middle attackers to...
1 affected package
lwipv6
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| lwipv6 | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |