CVE-2015-1570
The Endpoint Control protocol implementation in Fortinet FortiClient 5.2.3.091 for Android and 5.2.028 for iOS does not validate certificates, which makes it easier for man-in-the-middle attackers to spoof servers via a crafted certificate...
The vulnerability of the sctp_sf_do_dupcook_a() function in the net/sctp/sm_statefuns.c module of the SCTP protocol implementation in the Linux operating system allows an attacker to cause a service failure.
The vulnerability of the sctp_sf_do_dupcook_a() function in the net/sctp/sm_statefuns.c module of the Linux operating system’s SCTP protocol implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2025-41399
When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
F5 BIG-IP Security Vulnerability
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. A security vulnerability exists in F5 BIG-IP that stems from an SCTP configuration that results in increased memory resource utilization...
Avoid Using Uncommon Network Services
Some protocols are seldom used and their communities develop slowly. Therefore, related security issues cannot be quickly resolved. If these protocols are not disabled, attackers may exploit the protocols or code vulnerabilities to launch attacks. Stream Control Transmission Protocol (SCTP) is used...
CLSA-2025-1746479711 kernel-uek: Fix of 218 CVEs
- sctp: sysctl: auth_enable: avoid using current->nsproxy
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (CVE-2025-21640)
- bpf: Use preempt_count() directly in bpf_send_signal_common()
- Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy"
- jfs: fix slab-out-of-bounds read in ea_get() -...
CVE-2025-25504
An issue in the /usr/local/bin/jncs.sh script of Gefen WebFWC In AV over IP products v1.85h, v1.86v, and v1.70 allows attackers with network access to connect to the device over TCP port 4444 without authentication and execute arbitrary commands with root privileges...
The vulnerability of the TCP protocol implementation in Juniper Networks’ Junos OS routers MX240, MX480, and MX960 allows an attacker to cause service interruptions.
The vulnerability of the TCP protocol implementation in Juniper Networks’ Junos OS routers of the MX240, MX480, and MX960 models is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially craft...
SUSE CVE-2025-23142
In the Linux kernel, the following vulnerability has been resolved: sctp: detect and prevent references to a freed transport in sendmsg. sctp_sendmsg() re-uses associations and transports when possible by doing a lookup based on the socket endpoint and the message destination address, and then...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from sctp not clearing out_curr, which could lead to a list deletion error...
The vulnerability of the Control Protocol Director (l2cpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows an attacker to cause a service failure.
The vulnerability of the Control Protocol Director (l2cpd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to type errors in implicit conversions. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted LL...
SUSE-SU-2025:20191-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_3
This update for kernel-livepatch-MICRO-6-0-RT_Update_3 fixes the following issues:
- CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails (bsc#1230998)
- CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231993)
- CVE-2024-50302: Fixed HID: core: zero-initialize...
SUSE-SU-2025:20188-1 Security update for kernel-livepatch-MICRO-6-0_Update_2
This update for kernel-livepatch-MICRO-6-0_Update_2 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-46818: Fixed drm/amd/display: check gpio_id before used as array index (bsc#1231204)
- CVE-2024-46815: Fixed drm/amd/display: check num_valid_sets...
SUSE-SU-2025:20189-1 Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0_Update_3 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fill_frame_info() (bsc#1235452)
- CVE-2024-50302: Fixed HID: core: zero-initialize th...
SUSE-SU-2025:20186-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_2
This update for kernel-livepatch-MICRO-6-0-RT_Update_2 fixes the following issues:
- CVE-2024-57882: Fixed mptcp: fix TCP options overflow. (bsc#1235916)
- CVE-2024-46818: Fixed drm/amd/display: check gpio_id before used as array index (bsc#1231204)
- CVE-2024-46815: Fixed drm/amd/display: check...
UBUNTU-CVE-2025-22101
In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix Tx L4 checksum The hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol. There was a bug to set Tx checksum flag for the other protocol that results in Tx ring hang. Fix to compute software checksu...
kernel: tcp: make sure init the accept_queue's spinlocks once
In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once. When I run syz's reproduction C program locally, it causes the following issue: pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0! WARNING: CPU: 19 PID: 21160 at...
PT-2025-38559
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A memory leak exists in the TCP-AO failure handling for IPv6 within the Linux kernel. Specifically, when tcp_ao_copy_all_matching fails in tcp_v6_syn_recv_sock, the function exits withou...
CVE-2025-30646
A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent attacker sending a specifically malformed LLDP TLV to cause the l2cpd process to crash and restart...
CVE-2025-30646
CVE-2025-30646 affects Junos OS and Junos OS Evolved. A Signed to Unsigned Conversion Error in the Layer 2 Control Protocol daemon (l2cpd) allows an unauthenticated adjacent attacker to cause the l2cpd process to crash and restart by sending a specially formed LLDP TLV, yielding a Denial of Servi...