CVE-2026-7423

Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service device crash when outgoing ping support is enabled, because header sizes are subtracted from a packet length field without...

ipv4: icmp: validate reply type before using icmp_pointers

...

SUSE CVE-2026-46037

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: validate reply type before using icmppointers Extended echo replies use ICMPEXTECHOREPLY as the outbound reply type. That value is outside the range covered by icmppointers, which only describes the traditional ICMP...

PT-2026-39942

Issuing an ICMP ping via the net ping shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are...

Linux Distros Unpatched Vulnerability : CVE-2026-43099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: icmp: fix null-ptr-deref in icmpbuildprobe ipv6stub-ipv6devfind may return ERRPTR-EAFNOSUPPORT when the IPv6 stack is not active CONFIGIPV6=m and not...

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

CVE-2026-23398 icmp: fix NULL pointer dereference in icmp_tag_validation()

In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmptagvalidation icmptagvalidation unconditionally dereferences the result of rcudereferenceinetprotosproto without checking for NULL. The inetprotos array is sparse -- only about 15 of 256...

CVE-2026-23381

A flaw was found in the Linux kernel's network bridging component. When Internet Protocol version 6 IPv6 is explicitly disabled, a critical data structure for Neighbor Discovery is not properly initialized. A remote attacker could exploit this by sending a specially crafted Internet Control Messa...

CVE-2026-21906

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

CVE-2026-21906

CVE-2026-21906 overview (Junos OS SRX Series) A vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series can be triggered by a specific ICMP packet routed through a GRE tunnel when PowerMode IPsec (PMI) and GRE performance acceleration are enabled. An unauthe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an ICMP host relookup in the net subsystem triggering an iprtbug issue...

In the Linux kernel before 5.1.7 a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g. UDP and ICMP). When such traffic is sent to multiple destination IP addresses it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses.

...

FreeBSD 安全漏洞

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from ICMPv6 packets that bypass firewall rules...

kernel: icmp: prevent possible NULL dereferences from icmp_build_probe()

A flaw was found in the Linux kernel's ICMP protocol. Under some conditions, a NULL pointer dereference can be triggered due to a missing check, causing a system crash and resulting in a denial of service...

CVE-2023-41354

Chunghwa Telecom NOKIA G-040W-Q Firewall function does not block ICMP TIMESTAMP requests by default, an unauthenticated remote attacker can exploit this vulnerability by sending a crafted package, resulting in partially sensitive information exposed to an actor...

The vulnerability in the implementation of the ICMP protocol in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the ICMP protocol implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2023-23415

Internet Control Message Protocol ICMP Remote Code Execution Vulnerability...

KLA48553 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface, cause denial of service, bypass security restrictions. Below is a complete list of...

SUSE CVE-2015-6496

conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service crash via a 1 DCCP, 2 SCTP, or 3 ICMPv6 packet...

CVE-2022-26071

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel TMM allows an attack...