PT-2025-52287

Name of the Vulnerable Software and Affected Versions omec-project UPF versions up to 2.1.3-dev Description A denial-of-service issue exists in the UPF component upf-epc/pfcpiface. When the UPF receives a PFCP Association Setup Request lacking the mandatory NodeID Information Element, the...

UPF 安全漏洞

UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF upf-epc-pfcpiface:version 2.1.3-dev, which originates from dereferencing a null pointer when processing a PFCP session report response that lacks a cause information element, which could...

CVE-2025-65559

CVE-2025-65559 – Open5GS vulnerability affecting Open5GS 2.7.5-49-g465e90f. Processing a PFCP Session Establishment Request (type=50) can trigger a reachable assertion in lib/pfcp/context.c (ogs_pfcp_object_teid_hash_set) when CreatePDR?PDI?F-TEID has CH=1 and the F-TEID address-family flags (IPv...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability

A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...

kernel: sctp: linearize cloned gso packets in sctp_rcv

A flaw use of uninitialized memory uncontrolled and invisible by attacker in the Linux kernel SCTP transport protocol was found in the way user triggers malicious SCTP packets. A remote user could use this flaw to crash the system. The bug actual only for systems where SCTP protocol being enabled...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability

A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...

kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability

A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

kernel: Linux kernel: Privilege escalation or Denial of Service via TCP Fast Open vulnerability

A flaw was found in the Linux kernel. A local attacker with low privileges could exploit a memory corruption vulnerability, specifically a use-after-free and double-free, within the TCP Fast Open TFO socket processing. This occurs when a listener is closed while a TFO socket is being processed in...

kernel: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect()

A flaw was found in the TCP subsystem in tcpdisconnect of the Linux kernel.The server-side TCP Fast Open socket was reused as a new client before the TFO socket completes, leading to an information leak...

SUSE CVE-2025-68206

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections Sequence adjustment may be required for FTP traffic with PASV/EPSV modes. due to need to re-write packet payload IP, port on the ftp control connection. This can requi...

EUVD-2025-203708

In the Linux kernel, the following vulnerability has been resolved: tcp: use dstdevrcu in tcpfastopenactivedisableofocheck Use RCU to avoid a pair of atomic operations and a potential UAF on dstdev-flags...

SUSE CVE-2025-59030

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP...

[SECURITY] [DSA 6077-1] pdns-recursor security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6077-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso December 10, 2025 https://www.debian.org/security/faq -...

SUSE CVE-2022-50676

In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting lockdep warning at rdstcpresetcallbacks 1, for commit ac3615e7f3cffe2a "RDS: TCP: Reduce code duplication in rdstcpresetcallbacks"...

EUVD-2025-201912

An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP...

EUVD-2025-201923

Affected products do not properly enforce TCP sequence number validation in specific scenarios but accept values within a broad range. This could allow an unauthenticated remote attacker e.g. to interfere with connection setup, potentially leading to a denial of service. The attack succeeds only ...