AZL-59922 CVE-2025-21927 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu(). nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...
DEBIAN-CVE-2025-21927
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu(). nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...
CVE-2025-21927 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu(). nvme_tcp_recv_pdu() doesn't check the validity of the header length. When header digests are enabled, a target might send a packet with an invalid header length e.g. 255,...
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...
Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now available (RHBQ 3.15.3.SP1)
An update for Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 is now available (RHBQ 3.15.3.SP1). The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: nfc: nci: Fixed an uninit-value issue in nci_rx_work. syzbot reported the following uninit-value access issue [1]. nci_rx_work() parses the received packet from ndev->rx_q. It is necessary to validate the header size, payload size, and...
CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a specially crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...
CVE-2025-24970
Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a specially crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...
CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a specially crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...
SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
Impact: When a specially crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Workarounds: As a workaround it's possible to either disable the usage of the native SSLEngine or change the code from: SslContext...
GHSA-4G8C-WM8X-JFHW SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
Impact: When a specially crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Workarounds: As a workaround it's possible to either disable the usage of the native SSLEngine or change the code from: SslContext...
SUSE CVE-2024-7596
The proposed Generic UDP Encapsulation (GUE) (IETF Draft) does not validate or verify the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...
CVE-2024-20496
A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. This vulnerability is due to incorrect handling of a specific type of malformed UDP packet. An...
CVE-2024-20496
CVE-2024-20496 affects Cisco SD-WAN vEdge Software. The root cause is improper handling in the UDP packet validation code for certain malformed UDP packets, enabling an unauthenticated, adjacent attacker to reboot the device and cause DoS. The impact listed is a denial of service with device rebo...
Cisco SD-WAN vEdge Software UDP Packet Validation DoS (cisco-sa-sdw-vedos-KqFfhps3)
According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected...
Siemens Automation License Manager Input Validation Error Vulnerability
Siemens Automation License Manager is a license manager for Siemens products from Siemens, Germany. A denial of service vulnerability exists in Siemens Automation License Manager, which arises from an affected application failing to properly validate certain fields in incoming network packets on...
PT-2024-32852
Name of the Vulnerable Software and Affected Versions: Bluetooth (affected versions not specified). Description: The issue arises from a missing check in the LL_CONNECTION_UPDATE_IND packet, which leads to a division by zero error. This error occurs due to the lack of proper validation in the packet...
SUSE CVE-2024-41044
In the Linux kernel, the following vulnerability has been resolved: ppp: reject claimed-as-LCP but actually malformed packets. Since 'ppp_async_encode' assumes valid LCP packets with code from 1 to 7 inclusive, add 'ppp_check_packet' to ensure that LCP packet has an actual body beyond PPP_LCP header...
UBUNTU-CVE-2024-41044
In the Linux kernel, the following vulnerability has been resolved: ppp: reject claimed-as-LCP but actually malformed packets. Since 'ppp_async_encode' assumes valid LCP packets with code from 1 to 7 inclusive, add 'ppp_check_packet' to ensure that LCP packet has an actual body beyond PPP_LCP header...
UBUNTU-CVE-2024-40992
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix responder length checking for UD request packets According to the IBA specification: If a UD request packet is detected with an invalid length, the request shall be an invalid request and it shall be silently droppe...