PT-2025-16741

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug in the Linux kernel's network library has been resolved. The issue occurred because the hardware only supports L4 checksum offload for TCP/UDP/SCTP protocols, but the software...

DEBIAN-CVE-2024-57974

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition between UDP socket address changes and rehashing...

DEBIAN-CVE-2022-49577

In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

PT-2025-8698 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A crash occurs due to an unknown read issue. The crash involves the processClientServerHello and processTLSBlock functions, as well as the ndpi search tls udp function. Recommendations: At t...

Security update for openvswitch

This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

Security update for openvswitch

This update for openvswitch fixes the following issues: CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet bsc1236353. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

The vulnerability in the implementation of the Control and Provisioning of Wireless Access Points (CAPWAP) protocol for the FortiOS operating system allows a hacker to execute arbitrary code or commands.

The vulnerability of the Control and Provisioning of Wireless Access Points CAPWAP implementation in the FortiOS operating system is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or commands by sending specially crafted U...

Vulnerability fixed in Fortinet FortiOS

Fortinet has fixed a vulnerability in FortiOS Specifically for versions 7.2.4 to 7.2.8 and 7.4.0 to 7.4.4. The vulnerability is in the way FortiOS handles UDP packets. A malicious party, if stack protection is bypassed and the fabric service is active on the exposed interface, can execute arbitra...

The vulnerability of the functions sock_set_flag() and spin_unlock() (net/ipv4/udp.c) in the Linux kernel’s UDP component allows a attacker to cause a service failure.

The vulnerabilities of the functions socksetflag and spinunlock net/ipv4/udp.c in the Linux kernel’s UDP component are related to resource management errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...

The vulnerability of the microprogrammed software of medical monitoring devices such as CMS8000 Patient Monitor and Epsimed MN-120 arises from the fact that the output of operations may escape the buffer in memory. This allows an intruder to gain unauthorized access to protected information, execute arbitrary codes, or gain full control over the device.

The vulnerability of the microprogrammed software of the CMS8000 Patient Monitor and Epsimed MN-120 medical devices related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protecte...

CVE-2025-21677

CVE-2025-21677 is a Linux kernel vulnerability where a PFCP device is attached to the wrong network namespace, causing the device to remain alive after the namespace is removed. The root cause is pfcp_newlink() linking the PFCP device to dev_net(dev) instead of the correct net, allowing a UDP tun...

Contec Health CMS8000 Patient Monitor 安全漏洞

Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker can exploit the vulnerability to send specially formatted UDP requests to write arbitrary data...

fastd 安全漏洞

fastd is a Swoole-enabled lightweight web development framework from the Fastdlabs team in China. A security vulnerability exists in versions prior to fastd 23, which stems from the presence of a UDP traffic amplification vulnerability that could lead to a distributed denial of service attack...