CVE-2025-27031

memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed...

CVE-2025-27031 Use After Free in Bluetooth HOST

memory corruption while processing IOCTL commands, when the buffer in write loopback mode is accessed after being freed...

CVE-2024-46990

Directus is a real-time API and App dashboard for managing SQL database content. When relying on blocking access to localhost using the default 0.0.0.0 filter a user may bypass this block by using other registered loopback devices like 127.0.0.2 - 127.127.127.127. This issue has been addressed in...

CVE-2023-22817

Server-side request forgery SSRF vulnerability that could allow a rogue server on the local network to modify its URL using another DNS address to point back to the loopback adapter. This could then allow the URL to exploit other vulnerabilities on the local server. This was addressed by fixing D...

CVE-2023-7060

Zephyr OS IP packet handling does not properly drop IP packets arriving on an external interface with a source address equal to 127.0.01 or the destination address...

CVE-2022-29840

Server-Side Request Forgery SSRF vulnerability that could allow a rogue server on the local network to modify its URL to point back to the loopback adapter was addressed in Western Digital My Cloud OS 5 devices. This could allow the URL to exploit other vulnerabilities on the local server.This...

CVE-2020-35863

An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface...

CVE-2020-7462

In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, improper mbuf handling in the kernel causes a use-after-free bug by sending IPv6 Hop-by-Hop options over the loopback interface. The use-after-free situation may result in unintended kernel behaviour including a kernel panic...

CVE-2002-1921

The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bind address to the loopback interface, which allows remote attackers to connect to the database...

kernel: filemap: Fix bounds checking in filemap_read()

In the Linux kernel, the following vulnerability has been resolved: filemap: Fix bounds checking in filemapread If the caller supplies an iocb-kipos value that is close to the filesystem upper limit, and an iterator with a count that causes us to overflow that limit, then filemapread enters an...

SUSE CVE-2022-49916

In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN: null-ptr-deref in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...

Configure the iptables Policies for Loopback Properly

The loopback address 127.0.0.0/8 is a special address on a server. It is irrelevant to NICs and is mainly used for the inter-process communication of a local device. Packets with the source address 127.0.0.0/8 from NICs should be discarded. If policies related to the loopback address are improper...

Configure the nftables Policies for Loopback Properly

The loopback address 127.0.0.0/8 is a special address on a server. It is irrelevant to NICs and is mainly used for the inter-process communication of a local device. Packets with the source address 127.0.0.0/8 from NICs should be discarded. If policies related to the loopback address are improper...

CVE-2022-49916 rose: Fix NULL pointer dereference in rose_send_frame()

In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN: null-ptr-deref in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...

Linux Distros Unpatched Vulnerability : CVE-2014-9751

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The readnetworkpacket function in ntpio.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6...

SUSE CVE-2022-49504

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...

CVE-2022-49504

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...

DEBIAN-CVE-2022-49504

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...

AZL-68624 CVE-2022-49504 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...

UBUNTU-CVE-2022-49504

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Inhibit aborts if external loopback plug is inserted After running a short external loopback test, when the external loopback is removed and a normal cable inserted that is directly connected to a target device, the...