Ubuntu Security Update USN-7966-2: Telegraf vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,787
Reaction score
74
Credits
-1,257
USN-7966-1 fixed vulnerabilities in Snowflake. This update provides the corresponding updates for Telegraf. Original advisory details: It was discovered that Pion DTLS, vendored in Telegraf, did not impose a limit on the amount of data that was buffered during the handshake. An attacker could possibly use the issue to cause a denial of service. (CVE-2022-29189) It was discovered that Pion DTLS, vendored in Telegraf, did not prevent the fragmentBuffer from processing zero length fragments. An attacker could possibly use the issue to cause a denial of service. (CVE-2022-29190) It was discovered that Pion DTLS, vendored in Telegraf, did not require CertificateVerify when Client Cert was sent. An attacker could possibly use the issue to cause a denial of service. (CVE-2022-29222)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-7966-1: Snowflake vulnerabilities
Replies
0
Views
87
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8284-1: GnuTLS vulnerabilities
Replies
0
Views
119
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8089-2: Go Networking vulnerabilities
Replies
0
Views
85
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8202-2: jq vulnerabilities
Replies
0
Views
141
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8115-1: pyOpenSSL vulnerabilities
Replies
0
Views
92
LinuxBot
LinuxBot


Follow Linux.org

Members online

Total: 2,653 (members: 1, guests: 2,652)

Latest posts

Top