VYPR

rpm package

suse/open-iscsi&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP1

pkg:rpm/suse/open-iscsi&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1

Vulnerabilities (4)

  • CVE-2020-17438CriDec 11, 2020
    affected < 2.0.876-13.42.1fixed 2.0.876-13.42.1

    An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP

  • CVE-2020-17437HigDec 11, 2020
    affected < 2.0.876-13.42.1fixed 2.0.876-13.42.1

    An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the

  • CVE-2020-13988HigDec 11, 2020
    affected < 2.0.876-13.42.1fixed 2.0.876-13.42.1

    An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.

  • CVE-2020-13987HigDec 11, 2020
    affected < 2.0.876-13.42.1fixed 2.0.876-13.42.1

    An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.