CVE-2021-23270

HIGH Year: 2021
CVSS v3 Score
7.5
High
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-834
View all →

Vulnerability Description

In Gargoyle OS 1.12.0, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.

Related Vulnerabilities

CVE-2017-11188

HIGH
CVSS:7.5(High)

The ReadDPXImage function in coders\dpx.c in ImageMagick 7.0.6-0 has a large loop vulnerability that can cause CPU exhaustion via a crafted DPX file, related to lack of an EOF check.

CWE-8342017

CVE-2017-11409

HIGH
CVSS:7.5(High)

In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.

CWE-8342017

CVE-2018-11813

HIGH
CVSS:7.5(High)

libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.

CWE-8342018

CVE-2018-14342

HIGH
CVSS:7.5(High)

In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute...

CWE-8342018

CVE-2018-7321

HIGH
CVSS:7.5(High)

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type.

CWE-8342018

CVE-2018-7323

HIGH
CVSS:7.5(High)

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing.

CWE-8342018