CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

Linux Distros Unpatched Vulnerability : CVE-2026-42577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP...

CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

CVE-2026-42577 Netty: epoll transport denial of service via RST on half-closed TCP connection

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

CVE-2026-42577 Netty: epoll transport denial of service via RST on half-closed TCP connection

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

CVE-2026-43274

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, thi...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: Fixed a race condition related to port output. Assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows. 2. Two network namespaces: “server” and “client”. 3...

CVE-2026-35406

Affected software: aardvark-dns (authoritative DNS server for A/AAAA container records). Vulnerable versions: 1.16.0 through 1.17.0. Root cause: a truncated TCP DNS query followed by a connection reset can cause the process to enter an unrecoverable infinite error loop, consuming 100% CPU. Impact...

PT-2026-31029

Name of the Vulnerable Software and Affected Versions Aardvark-dns versions 1.16.0 through 1.17.0 Description A truncated TCP DNS query followed by a connection reset causes Aardvark-dns to enter an unrecoverable infinite error loop, resulting in 100% CPU usage. Recommendations Update to version...

KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop

...

SUSE CVE-2024-46681

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

AZL-49328 CVE-2024-46681 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: pktgen: use cpusreadlock in pgnetinit I have seen the WARNONsmpprocessorid != cpu firing in pktgenthreadworker during tests. We must use cpusreadlock/cpusreadunlock around the foreachonlinecpucpu loop. While we are at it use...

GHSA-5FM9-H728-FWPJ trust-dns vulnerable to Remote Attackers causing Denial-of-Service (packet loops) with crafted DNS packets

trust-dns and trust-dns-server are vulnerable to remotely triggered denial-of-service attacks, consuming both network and CPU resources. DNS messages with the QR=1 bit set are responded to with a FormErr response. This allows creating a traffic loop, in which these FormErr responses are sent...

Updated connman packages fix security vulnerability

TCP Receive Path does not Check for Presence of Sufficient Header Data. CVE-2022-23096 Possibly invalid memory reference in 'strnlen' call in 'forwarddnsreply'. CVE-2022-23097 TCP Receive Path Triggers 100 % CPU loop if DNS server does not Send Back Data. CVE-2022-23098...

MGASA-2022-0045 Updated connman packages fix security vulnerability

TCP Receive Path does not Check for Presence of Sufficient Header Data. CVE-2022-23096 Possibly invalid memory reference in 'strnlen' call in 'forwarddnsreply'. CVE-2022-23097 TCP Receive Path Triggers 100 % CPU loop if DNS server does not Send Back Data. CVE-2022-23098...

Denial Of Service (DoS)

pydantic is vulnerable to denial of service. An attacker is able to exploit the vulnerability by passing either infinity , inf or floatinf or their negatives to datetime or data fields causing the validaton to run in loops with 100% CPU usage...

FreeBSD : samba -- multiple vulnerabilities (6ad309d9-fb03-11e3-bebd-000c2980a9f3)

The samba project reports : A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service. Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request. %NASLMINLEVEL 70300 ...

Samba 3.6.x < 3.6.24 / 4.0.x < 4.0.19 / 4.1.x < 4.1.9 Multiple Vulnerabilities

According to its banner, the version of Samba on the remote host is 3.6.x prior to 3.6.24, 4.0.x prior to 4.0.19, or 4.1.x prior to 4.1.9. It is, therefore, affected by the following vulnerabilities : - A denial of service flaw exists with 'nmbd'. A remote attacker, with a specially crafted packe...

samba -- multiple vulnerabilities

The samba project reports: A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service. Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode request...