RHEL 8 : kernel (RHSA-2025:17009)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17009 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/vkms: Fix use after free...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all...

CVE-2025-43359

CVE-2025-43359 describes a logic issue in state management where a UDP server socket bound to a local interface may become bound to all interfaces. This could lead to exposure of network services. The vulnerability affects Apple platforms and is fixed in: tvOS 26, watchOS 26, macOS Sonoma 14.8, i...

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A UDP server socket bound to a local interface may become bound to all...

CLSA-2025-1757962453 kernel: Fix of 32 CVEs

inet: fully convert sk-skrxdst to RCU rules CVE-2021-47103 - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - can: peakusb: fix use after free bugs CVE-2021-47670 -...

PT-2025-37850

Name of the Vulnerable Software and Affected Versions: macOS Tahoe version 26 macOS Sequoia versions 15.7 macOS Sonoma version 14.8 tvOS version 26 visionOS version 26 watchOS version 26 iOS versions prior to 18.7 iPadOS versions prior to 18.7 Description: A logic issue was addressed with improve...

Siemens SINEC OS

SUMMARY SINEC OS is affected by multiple vulnerabilities due to open UDP ports, which could allow an attacker to access non-sensitive information without authentication or potentially cause temporary denial of service. Siemens is preparing fix versions and recommends specific countermeasures for...

udp: Deal with race between UDP socket address change and rehash

...

kernel: udp: Fix memory accounting leak.

A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 to escalate privileges to root via a crafted UDP packet...

CVE-2025-6188

On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication...

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 to escalate privileges to root via a crafted UDP packet...

CVE-2025-57220

An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09multiTDE01 to escalate privileges to root via a crafted UDP packet...

Linux Distros Unpatched Vulnerability : CVE-2019-20797

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as...

CVE-2025-6188 On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do n

On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication...

CVE-2025-6188 On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do n

On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication...

kernel: udp: Fix memory accounting leak.

A memory overflow vulnerability exists within the Linux kernel's networking subsystem. Specifically, an application can set the SORCVBUF socket option to its maximum value INTMAX, which triggers an integer overflow within the udprmemrelease function during socket closure. The udpdestructcommon...

ALSA-2025:14439 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: udp: Fix memory accounting leak. CVE-2025-22058 For more details about the security issues, including the impact, a CVSS score,...

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista USA. A security vulnerability exists in Arista EOS that originates from the possible acceptance of specially crafted UDP packets on source port 3503, which could lead to unexpected behavior...

PT-2025-34703

Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: Maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for...