ALSA-2025:14439 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: udp: Fix memory accounting leak. CVE-2025-22058 For more details about the security issues, including the impact, a CVSS score,...

CVE-2011-10020

Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become...

CVE-2025-38622

In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...

CVE-2025-38622 net: drop UFO packets in udp_rcv_segment()

In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...

CVE-2025-38622

In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...

Oracle Linux 10 : kernel (ELSA-2025-14009)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14009 advisory. - tls: always refresh the queue when reading sock - CVE-2025-38471 - net: fix udp gso skbsegment after pull from fraglist - CVE-2025-38124 - Bluetoot...

CVE-2011-10020

CVE-2011-10020 affects Kaillera Server 0.86. The vulnerability is a denial-of-service caused by improper input validation in the UDP packet handler, triggered by a malformed UDP packet after the HELLO0.83 handshake, allowing unauthenticated remote disruption of service and server unavailability. ...

CVE-2011-10020

Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become...

CVE-2011-10020 Kaillera 0.86 Server DoS via Malformed UDP Packet

Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become...

CVE-2011-10020 Kaillera 0.86 Server DoS via Malformed UDP Packet

Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become...

curl: curl leaks destination IP via glibc getaddrinfo() UDP connect, bypassing SOCKS5/Tor

Summary: When using curl with a SOCKS5 proxy e.g. Tor on 127.0.0.1:9050, glibc getaddrinfo performs direct UDP connect probes to the target’s IP:443. These syscalls bypass the proxy and expose the user’s route to the destination, breaking anonymity expectations. The IPs I got in my case:...

Kaillera Server 安全漏洞

Kaillera Server is a game server software from Kaillera open source. A security vulnerability exists in Kaillera Server version 0.86, which stems from improper handling of UDP packets and could lead to a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2015-5366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 udprecvmsg and 2 udpv6recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cau...

kernel: net: fix udp gso skb_segment after pull from frag_list

A denial of service vulnerability has been discovered in the Linux kernel's UDP Generic Segmentation Offload GSO functionality. This flaw allows a local, unprivileged user to trigger a kernel crash by generating UDP packets with a specially malformed fraglist geometry. Successful exploitation of...

kernel: net: fix udp gso skb_segment after pull from frag_list

A denial of service vulnerability has been discovered in the Linux kernel's UDP Generic Segmentation Offload GSO functionality. This flaw allows a local, unprivileged user to trigger a kernel crash by generating UDP packets with a specially malformed fraglist geometry. Successful exploitation of...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Linux Distros Unpatched Vulnerability : CVE-2025-22058

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockst...

Linux Distros Unpatched Vulnerability : CVE-2021-46952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds ...

OESA-2025-1964 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference...

Rosenpass 安全漏洞

Rosenpass is a secure VPN software from Rosenpass Open Source. A security vulnerability exists in Rosenpass versions prior to 0.2.1, which stems from a single-byte UDP packet that could result in a denial of service...