#dos

A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message.

A vulnerability in Aeotec WallMote Switch firmware v2.3 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message.

Taiwanese company ASUS on Monday released firmware updates to address, among other issues, nine security bugs impacting a wide range of router models. Of the nine security flaws, two are rated Critical and six are rated High in severity. One vulnerability is currently awaiting analysis. The list of impacted products are GT6, GT-AXE16000, GT-AX11000 PRO, GT-AXE11000, GT-AX6000, GT-AX11000,

An update for c-ares is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32067: A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service.

A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service.

Ubuntu Security Notice 6177-1 - It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2023-3662-01 - The c-ares C library defines asynchronous DNS requests and provides name resolving API. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice 6166-2 - USN-6166-1 fixed a vulnerability in libcap2. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. Richard Weinberger discovered that libcap2 incorrectly handled certain long input strings. An attacker could use this issue to cause libcap2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice 6176-1 - It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service.

Ubuntu Security Notice 6167-1 - It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. It was discovered that QEMU did not properly check the size of the structure pointed to by the guest physical address pqxl. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10.