PT-2025-8504 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data-race issue exists around sysctl tcp max reordering in the Linux kernel. The value of sysctl tcp max reordering can be changed concurrently while it is being read, which requires...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from tcp not properly handling tp-sndcwnd access and settings...

The vulnerability of the sctp component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the sctp component in the Linux operating system’s kernel is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

Security Bulletin: This Power System update is being released to address CVE-2023-52881

Summary This affects the BMC's network transmission control protocol TCP interface which affects aspects of interfaces that use TCP including the BMC's secure shell SSH, HTTPS interfaces including the BMC's webserver, REST APIs, and ASMi web application, and event and subscriptions services. An...

The vulnerability in the implementation of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol for the FortiOS operating system allows a hacker to execute arbitrary code or commands.

The vulnerability of the Control and Provisioning of Wireless Access Points CAPWAP implementation in the FortiOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or commands by sending specially crafted U...

Cente middleware TCP/IP Network Series 缓冲区错误漏洞

The Cente middleware TCP/IP Network Series is a series of network devices from Cente Japan. A buffer error vulnerability exists in Cente middleware TCP/IP Network Series that stems from improper checking of TCP MSS option values, resulting in an out-of-bounds read vulnerability...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet: The cqe.result field must always be initialized. The specification does not require that the first two double-word fields also known as “results” for a command queue entry need to be set to 0 when they are not used this is...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queuelock lock and destroy Commit 76d54bf20cdc "nvme-tcp: don’t access released sockets during error recovery" added a mutexlock call for the queue-queuelock in nvmetcpgetaddress. However, the...

Astra Linux - уязвимость в bind9

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

The vulnerability of the TCP component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the TCP component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

nvme: tcp: avoid race between queue_lock lock and destroy

...

kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().

A use-after-free UAF vulnerability was found and fixed in the Linux kernel's TCP subsystem related to request socket reqsk timers during handshake handling. This issue stems from a race condition caused by relying on timerpending in reqskqueueunlink. This could result in the timer continuing to r...

PT-2025-2383 · Unknown · Openairinterface Cn5G Amf

Name of the Vulnerable Software and Affected Versions: OpenAirInterface CN5G AMF oai-cn5g-amf versions up to v2.0.0 Description: The issue is related to improper file descriptor handling for closed connections, which allows attackers to cause a Denial of Service DoS by repeatedly establishing SCT...

DEBIAN-CVE-2025-21636

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtudprobeinterval: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info fro...

DEBIAN-CVE-2025-21637

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udpport: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

DEBIAN-CVE-2025-21638

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: authenable: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

The vulnerability of the sctp_v6_available() function in the net/sctp/ipv6.c module of the Linux operating system’s SCTP protocol implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sctpv6available function in the net/sctp/ipv6.c module of the Linux operating system’s SCTP protocol implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...

UBUNTU-CVE-2024-55627

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer...

Suricata 安全漏洞

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.8, which stems from an unsigned integer underflow, where a specially crafted TCP stream may cause a very large buffer overflow when padded...

PT-2025-37957

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw was discovered in the Linux kernel related to the initialization of fields within the sctp v6 from sk function in the SCTP Stream Control Transmission Protocol implementation...