SUSE CVE-2015-6496

conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service crash via a 1 DCCP, 2 SCTP, or 3 ICMPv6 packet...

SUSE CVE-2016-8645

The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service system crash via a crafted application that makes sendto system calls, related to net/ipv4/tcpipv4.c and net/ipv6/tcpipv6.c...

SUSE CVE-2017-5972

The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service CPU consumption by sending many TCP SYN packets, as demonstrated by an attack against the...

SUSE CVE-2017-6074

The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service double free via an application that makes an IPV6RECVPKTINF...

SUSE CVE-2017-6214

The tcpspliceread function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service infinite loop and soft lockup via vectors involving a TCP packet with the URG flag...

SUSE CVE-2017-12895

The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmpprint...

SUSE CVE-2017-15115

The sctpdopeeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service use-after-free and system crash or possibly have unspecified other impact via crafted syste...

SUSE CVE-2018-5803

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP packets length can be exploited to cause a kernel crash...

SUSE CVE-2018-11355

In Wireshark 2.6.0, the RTCP dissector could crash. This was addressed in epan/dissectors/packet-rtcp.c by avoiding a buffer overflow for packet status chunks...

SUSE CVE-2018-15173

Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service stack consumption and application crash via a crafted TCP-based service...

SUSE CVE-2019-3874

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable...

SUSE CVE-2020-6532

Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2020-35684

An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size extracted from the IP header to compute the length of the TCP payload within the TCP checksum computation function. When the IP payload size is set to be smaller tha...

SUSE CVE-2021-3772

A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses...

Zuken Elmic KASAGO uses insufficient random values for TCP Initial Sequence Numbers

Overview Zuken Elmic KASAGO, TCP/IP protocol stack for embedded systems, uses its own random number generator function when generating TCP initial sequence numbers, which leads to use insufficient random values CWE-330. Zuken Elmic reported this vulnerability to JPCERT/CC to notify users of its...

CVE-2022-41009

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

kernel: nfsd buffer overflow by RPC message over TCP with garbage data

A buffer overflow flaw was found in the Linux kernel nfsd network file system subsystem. The way a user sends RPC over TCP with excess data added at the end of the message could allow a remote user to starve the resources, causing a denial of service...

The vulnerability of the tcp-protocol implementation in Totalflow’s microprogramming software for ABB RMC-100, RMC-100-LITE, XIO, XFCG5, XRCG5, uFLOG5, and UDC controllers allows a hacker to execute arbitrary code.

The vulnerability of the tcp-protocol implementation in Totalflow’s micro-programmed software for ABB RMC-100, RMC-100-LITE, XIO, XFCG5, XRCG5, uFLOG5, and UDC controllers is related to the possibility of bypassing the path. Exploiting this vulnerability allows a remote attacker to execute...

CVE-2023-22396

An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...

CVE-2023-22403

An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. On QFX10K Series, Inter-Chassis Control Protocol ICCP is used in MC-LAG...