CVE-2025-50681

Summary: CVE-2025-50681 affects igmpproxy 0.4 before commit 2b30c36, allowing remote attackers to cause a denial of service (application crash) by sending crafted IGMPv3 membership reports with a malicious source address. The root cause is insufficient validation in recv_igmp() in src/igmpproxy.c...

EUVD-2002-2164

Malware in sbrugna...

EUVD-2018-1115

Malware in sbrugna...

EUVD-2018-0988

Malware in sbrugna...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...

CVE-2002-2264

Unspecified vulnerability in Internet Group Management Protocol IGMP of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be certain...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the presence of data contention in sysctligmpqrv...

PT-2025-8871

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential issue in the Linux kernel has been identified, related to the igmp6 send function. This function can be called without the necessary synchronization, potentially leading to a...

PT-2024-9992 · Schneider Electric · Powerlogic

Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic versions PM5320, PM5340, and PM5341 Description: An Uncontrolled Resource Consumption issue exists, potentially causing devices to become unresponsive and resulting in communication loss when a large amount of IG...

kernel: use-after-free in IPv4 IGMP

A race condition has been discovered in the Linux kernel's Internet Group Management Protocol IGMP implementation. This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. By exploiting the race condition, an adversary could disrupt the...

kernel: use-after-free in IPv4 IGMP

A race condition has been discovered in the Linux kernel's Internet Group Management Protocol IGMP implementation. This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. By exploiting the race condition, an adversary could disrupt the...

kernel: use-after-free in IPv4 IGMP

A race condition has been discovered in the Linux kernel's Internet Group Management Protocol IGMP implementation. This vulnerability may enable an attacker to provoke an application crash or potentially escalate privileges locally. By exploiting the race condition, an adversary could disrupt the...

CLSA-2024-1705494763 kernel: Fix of 13 CVEs

Bluetooth: L2CAP: Fix use-after-free in l2capsockreadycb CVE-2023-40283 - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet CVE-2023-6932 - smb: client: fix OOB in smbCalcSize CVE-2023-6606 - net/sched: schhfsc: Ensure inner classes have fsc curve CVE-2023-4623 - net/sched: clsfw:...

Use-after-free in Linux kernel's ipv4: igmp component

...

DEBIAN-CVE-2023-6932

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past...

PT-2023-7938 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be...

PT-2023-8340 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a use-after-free problem in the implementation of the IGMPv2 protocol in the Linux kernel, specifically in the igmp start timer function in net/ipv4/igmp.c. Thi...

kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets

A use-after-free flaw was found in the Linux kernel’s IGMP protocol in how a user triggers a race condition in the ipcheckmcrcu function. This flaw allows a local user to crash or potentially escalate their privileges on the system...

China Mobile An Lianbao WF-1 router 操作系统命令注入漏洞

The China Mobile An Lianbao WF-1 router is a router from China Mobile China. China Mobile An Lianbao WF-1 router 1.0.1 suffers from an operating system command injection vulnerability that can be exploited to execute arbitrary commands via shell metacharacters in the IGMP PROXY WAN CONNECT...

CVE-2020-3569

Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol DVMRP feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol IGMP process or make it consume available memory and eventually cras...