Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: net/core: Fixed the ETHP1588 flow dissector When a PTP Ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, the calculation of the nhoff value is incorrect. For example,...

EUVD-2026-30780

OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enetencap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled itemcount value that is not consistently...

CVE-2025-9283 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP Step Limits Storms tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds...

CVE-2025-9466

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. During execution of the Achilles EtherNet/IP and CIP grammar tests, the device reboots unexpectedly, causing the Link State Monitor to go down for several seconds...

netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

...

CVE-2025-57440

The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet service on TCP port 9993, which accepts unauthenticated plaintext commands for controlling streaming, recording, formatting storage devices, and system reboot. This interface, referred to as the "ATEM Ethernet Protocol 1.0", provides...

Linux Distros Unpatched Vulnerability : CVE-2018-10244

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data becau...

Linux Distros Unpatched Vulnerability : CVE-2024-26635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - llc: Drop support for ETHPTR8022. syzbot reported an uninit-value bug below. 0 llc supports ETHP8022 0x0004 and used to support ETHPTR8022 0x0011, and syzbot...

CVE-2022-20849

A vulnerability in the Broadband Network Gateway PPP over Ethernet PPPoE feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continually crash. This vulnerability exists because the PPPoE feature does not properly handle an error...

The vulnerability of the Resilient Ethernet Protocol (REP) implementation in Cisco IOS-enabled Cisco Industrial Ethernet 4000, 4010, and 5000 switches allows a hacker to circumvent security restrictions.

The vulnerability of the Resilient Ethernet Protocol REP implementation in Cisco IOS-enabled Cisco Industrial Ethernet 4000, 4010, and 5000 switches is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability can allow a malicious actor to...

PT-2024-37419 · Robotware · Robotware

Name of the Vulnerable Software and Affected Versions: RobotWare versions prior to 6.15.06, except versions 6.10.10 and 6.13.07 Description: A vulnerability exists in the PROFINET stack included in RobotWare. This issue arises under specific conditions when a specially crafted message is processe...

CVE-2024-20465

A vulnerability in the access control list ACL programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs o...

Cisco IOS 安全漏洞

Cisco IOS is a set of operating systems developed by the U.S.-based Cisco for its network devices. A security vulnerability exists in Cisco IOS that stems from incorrect IPv4 ACL handling on the switching virtual interface when the administrator enables and disables the Resilient Ethernet Protoco...

PT-2024-27229 · Openplc · Openplc

Name of the Vulnerable Software and Affected Versions: OpenPLC v3 b4702061dc14d1024856f71b4543298d77007b88 Description: An out-of-bounds read issue exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality. A specially crafted network request can lead to denial of service. An attacker c...

kernel: net/core: kernel crash in ETH_P_1588 flow dissector

A flaw was found in the ETHP1588 flow dissector in the Linux Kernel, which can lead to a kernel crash...

CVE-2021-47293

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbmod: Skip non-Ethernet packets Currently tcfskbmodact assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $ ip...

CVE-2021-47293 net/sched: act_skbmod: Skip non-Ethernet packets

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbmod: Skip non-Ethernet packets Currently tcfskbmodact assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $ ip...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that hsrgetskbsequencenr reads an invalid value as the sequence number if the packet type ID field ...

UBUNTU-CVE-2024-26635

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETHPTR8022. syzbot reported an uninit-value bug below. 0 llc supports ETHP8022 0x0004 and used to support ETHPTR8022 0x0011, and syzbot abused the latter to trigger the bug. write$tunr0,...

PT-2023-9645 · Cisco · Cisco Industrial Ethernet 5000 +3

Name of the Vulnerable Software and Affected Versions: Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches affected versions not specified Description: The issue is related to the incorrect handling of IPv4 access control lists ACLs on switched virtual interfaces when an administrator...