Astra Linux - уязвимость в edk2

EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...

SUSE CVE-2026-23247

In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...

EUVD-2026-12810

In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...

UBUNTU-CVE-2026-23247

In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...

CVE-2026-23247

In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...

CVE-2026-23247 tcp: secure_seq: add back ports to TS offset

In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...

PT-2026-26050

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel addresses an issue where off-path TCP source port leakage could occur via a SYN cookie side-channel. The resolution involves reintroducing TCP ports into the timestamp...

EUVD-2020-23344

Malware in sbrugna...

EUVD-1999-1131

Malware in sbrugna...

EUVD-2007-2774

Malware in sbrugna...

EUVD-2018-19088

Malware in sbrugna...

EUVD-2022-46499

Malicious code in bioql PyPI...

EUVD-2023-49542

Malicious code in bioql PyPI...

TencentOS Server 3: edk2 (TSSA-2024:0393)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0393 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVE-2022-43501

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNsInitial Sequence Number for TCP connections from an insufficiently random source. An attacker may be able to determine the ISN of the current or future TCP connections and either hijack existing ones or spoof future ones...

CVE-2024-10604

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

Fuchsia 安全漏洞

Fuchsia is an open source general purpose operating system. Fuchsia suffers from a security vulnerability that stems from a network protocol header field generation algorithm that could lead to TCP ISN, TCP timestamps, TCP/UDP source ports, and IPv4/IPv6 segment IDs being guessed...

PT-2025-1599 · Google · Fuchsia

Name of the Vulnerable Software and Affected Versions: Fuchsia affected versions not specified Description: The issue concerns vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields. Specifically, the vulnerabilities affect the TCP Initial Sequence Number ISN...

Amazon Linux 2 : edk2 (ALAS-2024-2722)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2722 advisory. A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. CVE-2021-28211 BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting...

kernel: TCP-spoofed ghost ACKs and leak leak initial sequence number

A flaw was found in the Linux kernel. Two TCP spoofing primitives exist where an attacker can brute force the server-chosen send window by acknowledging data that was never sent, called "ghost ACKs." There are side channels that also allow the attacker to leak the otherwise secret server-chosen...