|
Reliable Datagram Sockets
Reliable Datagram Sockets (RDS) is a high-performance, low-latency, reliable, connectionless protocol for delivering datagrams. It is developed by Oracle Corporation. It was included in the Linux kernel 2.6.30 which was released on 9th of June, 2009. The code was contributed by the OpenFabrics Alliance (OFA). On October 19, 2010, VSR announced , a vulnerability within the Linux 2.6.30 kernel which could result in a local privilege escalation via the kernel's implementation of RDS. This was subsequently fixed in Linux 2.6.36. On May 8, 2019, was published, regarding a race condition in the Linux RDS implementation that could lead to a use-after-free bug and possible arbitrary code execution. The bug has been fixed in Linux 5.0.8. See also * Transmission Control Protocol * Stream Control Transmission Protocol * User Datagram Protocol * UDP-Lite UDP-Lite (Lightweight User Datagram Protocol) is a connectionless protocol that allows a potentially damaged data payload to be deli ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Low-latency
Latency, from a general point of view, is a time delay between the cause and the effect of some physical change in the system being observed. Lag, as it is known in gaming circles, refers to the latency between the input to a simulation and the visual or auditory response, often occurring because of network delay in online games. Latency is physically a consequence of the limited velocity at which any physical interaction can propagate. The magnitude of this velocity is always less than or equal to the speed of light. Therefore, every physical system with any physical separation (distance) between cause and effect will experience some sort of latency, regardless of the nature of the stimulation at which it has been exposed to. The precise definition of latency depends on the system being observed or the nature of the simulation. In communications, the lower limit of latency is determined by the medium being used to transfer information. In reliable two-way communication syst ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Use-after-free
Dangling pointers and wild pointers in computer programming are pointers that do not point to a valid object of the appropriate type. These are special cases of memory safety violations. More generally, dangling references and wild references are references that do not resolve to a valid destination. Dangling pointers arise during object destruction, when an object that has an incoming reference is deleted or deallocated, without modifying the value of the pointer, so that the pointer still points to the memory location of the deallocated memory. The system may reallocate the previously freed memory, and if the program then dereferences the (now) dangling pointer, '' unpredictable behavior may result'', as the memory may now contain completely different data. If the program writes to memory referenced by a dangling pointer, a silent corruption of unrelated data may result, leading to subtle bugs that can be extremely difficult to find. If the memory has been reallocated to anot ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Transport Layer Protocols
Transport (in British English), or transportation (in American English), is the intentional movement of humans, animals, and goods from one location to another. Modes of transport include air, land (rail and road), water, cable, pipeline, and space. The field can be divided into infrastructure, vehicles, and operations. Transport enables human trade, which is essential for the development of civilizations. Transport infrastructure consists of both fixed installations, including roads, railways, airways, waterways, canals, and pipelines, and terminals such as airports, railway stations, bus stations, warehouses, trucking terminals, refueling depots (including fueling docks and fuel stations), and seaports. Terminals may be used both for interchange of passengers and cargo and for maintenance. Means of transport are any of the different kinds of transport facilities used to carry people or cargo. They may include vehicles, riding animals, and pack animals. Vehicles may incl ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Network Socket
A network socket is a software structure within a network node of a computer network that serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by an application programming interface (API) for the networking architecture. Sockets are created only during the lifetime of a process of an application running in the node. Because of the standardization of the TCP/IP protocols in the development of the Internet, the term ''network socket'' is most commonly used in the context of the Internet protocol suite, and is therefore often also referred to as Internet socket. In this context, a socket is externally identified to other hosts by its socket address, which is the triad of transport protocol, IP address, and port number. The term ''socket'' is also used for the software endpoint of node-internal inter-process communication (IPC), which often uses the same API as a network socket. Use The use of the term ''socke ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
UDP-Lite
UDP-Lite (Lightweight User Datagram Protocol) is a connectionless protocol that allows a potentially damaged data payload to be delivered to an application rather than being discarded by the receiving station. This is useful as it allows decisions about the integrity of the data to be made in the application layer (application or the codec), where the significance of the bits is understood. UDP-Lite is described in . Protocol UDP-Lite is based on User Datagram Protocol (UDP), but unlike UDP, where either all or none of a packet is protected by a checksum, UDP-Lite allows for ''partial checksums'' that only covers part of a datagram (an arbitrary count of octets at the beginning of the packet), and will therefore deliver packets that have been partially corrupted. It is designed for multimedia protocols, such as Voice over IP (VoIP) or streamed video, in which receiving a packet with a damaged payload is better than receiving no packet at all. For conventional UDP and Transmissi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
User Datagram Protocol
In computer networking, the User Datagram Protocol (UDP) is one of the core communication protocols of the Internet protocol suite used to send messages (transported as datagrams in packets) to other hosts on an Internet Protocol (IP) network. Within an IP network, UDP does not require prior communication to set up communication channels or data paths. UDP uses a simple connectionless communication model with a minimum of protocol mechanisms. UDP provides checksums for data integrity, and port numbers for addressing different functions at the source and destination of the datagram. It has no handshaking dialogues, and thus exposes the user's program to any unreliability of the underlying network; there is no guarantee of delivery, ordering, or duplicate protection. If error-correction facilities are needed at the network interface level, an application may instead use Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP) which are designed for this ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Stream Control Transmission Protocol
The Stream Control Transmission Protocol (SCTP) is a computer networking communications protocol in the transport layer of the Internet protocol suite. Originally intended for Signaling System 7 (SS7) message transport in telecommunication, the protocol provides the message-oriented feature of the User Datagram Protocol (UDP), while ensuring reliable, in-sequence transport of messages with congestion control like the Transmission Control Protocol (TCP). Unlike UDP and TCP, the protocol supports multihoming and redundant paths to increase resilience and reliability. SCTP is standardized by the Internet Engineering Task Force (IETF) in . The SCTP reference implementation was released as part of FreeBSD version 7, and has since been widely ported to other platforms. Formal oversight The IETF Signaling Transport (SIGTRAN) working group defined the protocol (number 132) in October 2000, and the IETF Transport Area (TSVWG) working group maintains it. defines the protocol. provides an ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Transmission Control Protocol
The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network. Major internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP, which is part of the Transport Layer of the TCP/IP suite. SSL/TLS often runs on top of TCP. TCP is connection-oriented, and a connection between client and server is established before data can be sent. The server must be listening (passive open) for connection requests from clients before a connection is established. Three-way handshake (active open), retransmission, and error detection adds to reliability but lengthens latency. Applica ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Arbitrary Code Execution
In computer security, arbitrary code execution (ACE) is an attacker's ability to run any commands or code of the attacker's choice on a target machine or in a target process. An arbitrary code execution vulnerability is a security flaw in software or hardware allowing arbitrary code execution. A program that is designed to exploit such a vulnerability is called an arbitrary code execution exploit. The ability to trigger arbitrary code execution over a network (especially via a wide-area network such as the Internet) is often referred to as remote code execution (RCE). Vulnerability types There are a number of classes of vulnerability that can lead to an attacker's ability to execute arbitrary commands or code. For example: * Memory safety vulnerabilities such as buffer overflows or over-reads. * Deserialization vulnerabilities * Type confusion vulnerabilities * GNU LDD arbitrary code execution Methods Arbitrary code execution is commonly achieved through control over th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Race Condition
A race condition or race hazard is the condition of an electronics, software, or other system where the system's substantive behavior is dependent on the sequence or timing of other uncontrollable events. It becomes a bug when one or more of the possible behaviors is undesirable. The term ''race condition'' was already in use by 1954, for example in David A. Huffman's doctoral thesis "The synthesis of sequential switching circuits". Race conditions can occur especially in logic circuits, multithreaded, or distributed Distribution may refer to: Mathematics *Distribution (mathematics), generalized functions used to formulate solutions of partial differential equations *Probability distribution, the probability of a particular value or value range of a varia ... software programs. In electronics A typical example of a race condition may occur when a logic gate combines signals that have traveled along different paths from the same source. The inputs to the gate can chan ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Reliability (computer Networking)
In computer networking, a reliable protocol is a communication protocol that notifies the sender whether or not the delivery of data to intended recipients was successful. Reliability is a synonym for assurance, which is the term used by the ITU and ATM Forum. Reliable protocols typically incur more overhead than unreliable protocols, and as a result, function more slowly and with less scalability. This often is not an issue for unicast protocols, but it may become a problem for reliable multicast protocols. Transmission Control Protocol (TCP), the main protocol used on the Internet, is a reliable unicast protocol; it provides the abstraction of a reliable byte stream to applications. UDP is an unreliable protocol and is often used in computer games, streaming media or in other situations where speed is an issue and some data loss may be tolerated because of the transitory nature of the data. Often, a reliable unicast protocol is also connection oriented. For example, TCP is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
National Vulnerability Database
The National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics. NVD supports the Information Security Automation Program (ISAP). On Friday March 8, 2013, the database was taken offline after it was discovered that the system used to run multiple government sites had been compromised by a software vulnerability of Adobe ColdFusion. In June 2017, threat intel firm Recorded Future revealed that the median lag between a CVE being revealed to ultimately being published to the NVD is 7 days and that 75% of vulnerabilities are published unofficially before making it to the NVD, giving attackers time to exploit the vulnerability. In addit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
