13 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53249
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP option...
SUSE CVE-2026-53249
In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options to users with CAPNETRAW capability. This prevents unprivileged...
CVE-2026-53249 ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options
In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options to users with CAPNETRAW capability. This prevents unprivileged...
PT-2026-52344
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Unprivileged applications can set Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options. This allows an attacker to force packets to route through...
CVE-2026-43038 ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...
CVE-2019-12256 - VxWorks IPv4 Options Buffer Overflow
This vulnerability can be triggered by a specially crafted IP packet sent to the target device, even as a broadcast or multicast packet. It does not require any specific application or configuration to be running on the device, and it affects any device running VxWorks v6.9.4 or above with a...
FreeBSD : FreeBSD -- ipsec crash or denial of service (c0c5afef-38db-11e8-8b7f-a4badb2f469b)
The length field of the option header does not count the size of the option header itself. This causes a problem when the length is zero, the count is then incremented by zero, which causes an infinite loop. In addition there are pointer/offset mistakes in the handling of IPv4 options. Impact : A...
FreeBSD-SA-18:05.ipsec
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:05.ipsec Security Advisory The FreeBSD Project Topic: ipsec crash or denial of service Category: core Module: ipsec Announced: 2018-04-04 Credits: Maxime...
FreeBSD -- ipsec crash or denial of service
Problem Description: The length field of the option header does not count the size of the option header itself. This causes a problem when the length is zero, the count is then incremented by zero, which causes an infinite loop. In addition there are pointer/offset mistakes in the handling of IPv...
kernel: ipv4: Invalid IP options could cause skb->dst drop
A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4pktinfoprepare function to drop/free the dst. This could result in a system crash or possible privilege escalation...
USN-3265-2 linux-lts-xenial vulnerabilities
USN-3265-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free flaw existed in the filesystem encryption...
USN-3265-1 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-7374 Andrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation G...
F5 Networks BIG-IP : Linux kernel vulnerability (K60104355)
The ipv4pktinfoprepare function in net/ipv4/ipsockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service system crash via 1 an application that makes crafted system calls or possibly 2 IPv4 traffic with invalid IP options. CVE-2017-5970 Impact This vulnerability ma...