VyOS 1.3.1-S1 security release
Hello Community! VyOS 1.3.1-S1 security release is now available to customers and contributors to download, and everyone can build it from the source. It fixes ...
Category: VyOS Platform Blog | security (2)
CVE-2022-0778: remote DoS in OpenSSL, VyOS 1.3.0 is affected
Hello Community! Yesterday the OpenSSL team disclosed a remote DoS vulnerability in OpenSSL versions 1.0.2, 1.1.1, and 3.0. You can find a complete description ...
Log4Shell vulnerability
Hello Community! Everyone is talking about the CVE-2021-44228 vulnerability recently found in the Log4j logging library, which was nicknamed Log4Shell because i...
VyOS 1.2.6-S1 security release
VyOS 1.2.6 release was found to be suspectible to CVE-2020-10995. It's a low-impact vulnerability in the PowerDNS recursor that allows an attacker to cause perf...
CVE-2019-11477 (TCP SACK panic) and an Intel i40e driver issue
Recently discovered vulnerability in the Linux kernel's TCP selective acknowledgement processing code potentially allows a remote attacker to cause a kernel pan...
The "operator" level is proved insecure and will be removed in the next releases
The operator level in VyOS is a legacy feature that was inherited from the forked Vyatta Core code. It was always relatively obscure, and I don't think anyone r...
On security of GRE/IPsec scenarios
As we've already discussed, there are many ways to setup GRE (or something else) over IPsec and they all have their advantages and disadvantages. Recently an is...
The meltdown and spectre vulnerabilities
Everyone is talking about the meltdown and the spectre vulnerabilities now. If you are late to the party, read https://meltdownattack.com/ Of course we are awar...
Update on the AWS SSH key fetching issue
We have fixed the issue with key fetching and submitted the updated AMI for review. It passed the automated scan, but manual review and deployment to the market...
