1883 matches found
SUSE CVE-2025-21678
In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtp_newlink() links the device to a list in dev_net(dev) instead of src_net, where a udp tunnel socket is created. Even when src_net is removed, the device stays alive on...
DEBIAN-CVE-2025-21678
In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtp_newlink() links the device to a list in dev_net(dev) instead of src_net, where a udp tunnel socket is created. Even when src_net is removed, the device stays alive on...
CVE-2025-21677
CVE-2025-21677 is a Linux kernel vulnerability where a PFCP device is attached to the wrong network namespace, causing the device to remain alive after the namespace is removed. The root cause is pfcp_newlink() linking the PFCP device to dev_net(dev) instead of the correct net, allowing a UDP tun...
CVE-2024-10604
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...
Contec Health CMS8000 Patient Monitor Security Vulnerability
Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor. An attacker can exploit the vulnerability to send specially formatted UDP requests to write arbitrary data...
fastd Security Vulnerability
fastd is a Swoole-enabled lightweight web development framework from the Fastdlabs team in China. A security vulnerability exists in versions prior to fastd 23, which stems from the presence of a UDP traffic amplification vulnerability that could lead to a distributed denial of service attack...
PT-2025-5339 · Fastd +1 · Fastd +1
Name of the Vulnerable Software and Affected Versions: fastd versions prior to v23. Description: fastd is a VPN daemon that tunnels IP packets and Ethernet frames over UDP. When receiving a data packet from an unknown IP address/port combination, fastd initiates a reconnect by sending a handshake...
SUSE CVE-2025-0650
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...
Open Virtual Network Access Control Error Vulnerability
Open Virtual Network (OVN) is an open virtual network open sourced by Open Virtual Network. A security vulnerability exists in Open Virtual Network (OVN) that stems from a specially constructed UDP packet that can bypass an egress ACL, resulting in unauthorized access to virtual machines and containe...
The vulnerability of GUE tunneling protocols, related to insufficient verification of the communication channel source, allows attackers to execute attacks such as “substitution of the trusted object”.
The vulnerability of GUE tunneling protocols lies in insufficient verification of the source of the communication channel. Exploiting this vulnerability allows a malicious actor to execute attacks such as “substitution of the trusted object” by sending a specially crafted packet containing two IP...
SUSE CVE-2024-57901
In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK. Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vlan_get_protocol_dgram() to not touch skb at all, so that it can be used from many cpus on the same skb. A...
CVE-2024-57901 af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK
In the Linux kernel, the following vulnerability has been resolved: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK. Blamed commit forgot MSG_PEEK case, allowing a crash [1] as found by syzbot. Rework vlan_get_protocol_dgram() to not touch skb at all, so that it can be used from many cpus on the same skb. A...
PT-2025-1019 · Hewlett Packard · Hpe Aruba Networking Cx 10000 Series Switches
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking CX 10000 Series Switches (affected versions not specified). Description: A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches exists, which could allow an unauthenticated adjacent attack...
SUSE CVE-2024-56643
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccp_feat_change_recv. If dccp_feat_push_confirm() fails after new value for SP feature was accepted without reconciliation ('entry == NULL' branch), memory allocated for that value with dccp_feat_clone_sp_val() is never...
DEBIAN-CVE-2024-56643
In the Linux kernel, the following vulnerability has been resolved: dccp: Fix memory leak in dccp_feat_change_recv. If dccp_feat_push_confirm() fails after new value for SP feature was accepted without reconciliation ('entry == NULL' branch), memory allocated for that value with dccp_feat_clone_sp_val() is never...
AZL-55163 CVE-2024-56642 affecting package kernel for versions less than 6.6.76.1-1
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanup_bearer() without repro. [0][1] When bearer_disable() calls tipc_udp_disable(), cleanup of the UDP kernel socket is...
UBUNTU-CVE-2024-56642
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanup_bearer(). syzkaller reported a use-after-free of UDP kernel socket in cleanup_bearer() without repro. [0][1] When bearer_disable() calls tipc_udp_disable(), cleanup of the UDP kernel socket is...
AZL-55615 CVE-2024-53210 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct(). Passing MSG_PEEK flag to skb_recv_datagram() increments skb refcount (skb->users) and iucv_sock_recvmsg() does not decrement skb refcount at exit. This results in skb memory leak in...
PT-2025-8761
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A race condition exists in the Linux kernel's UDP socket handling. When a UDP socket changes its local address while receiving datagrams, there is a period during which a lookup operatio...
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera allows an intruder to escalate their privileges to root level and gain full access to the device.
The vulnerability of the DHIP microprogramming-based IP camera from Lorex 2K Indoor Wi-Fi Security Camera lies in the manipulation of the zero pointer. Exploiting this vulnerability allows an attacker to escalate their privileges to root and gain full access to the device through a connection usi...