CVE-2026-31495

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

CVE-2026-31495 netfilter: ctnetlink: use netlink policy range checks

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extac...

CVE-2026-31495

The CVE-2026-31495 entry concerns the Linux kernel’s netfilter ctnetlink path. The issue stems from missing netlink policy range checks, allowing invalid values to slip through due to manual range validation in CTA_PROTOINFO_TCP_STATE, WSCALE, and related flags. The documented impact notes that c...

PT-2026-34400

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ctnetlink component where manual range and mask validations are used instead of netlink policy annotations. This can lead to undefined behavior when the...

UBUNTU-CVE-2025-39955

In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot reused the server-side TCP Fast Open socket as a new client before the...

EUVD-2017-3891

Malware in sbrugna...

CVE-2025-38035 nvmet-tcp: don't restore null sk_state_change

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of nvmettcpsetqueuesock, but if the TCP connection isn't established when nvmettcpsetqueuesock is called then queue-statechange isn't set and...

SUSE CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

Cisco RF Gateway 1 Denial of Service Vulnerability

Cisco RF Gateway 1 devices is a gateway device from Cisco USA.TCP state machine is one of the TCP state machines. A denial of service vulnerability exists in the TCP state machine in Cisco RF Gateway 1 devices. A remote attacker could exploit this vulnerability by establishing a large number of T...

CVE-2017-12318

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video SDV or video on demand VoD streams, resulting in a denial of service DoS condition. The vulnerability is due ...

Race condition

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video SDV or video on demand VoD streams, resulting in a denial of service DoS condition. The vulnerability is due ...

CVE-2017-12318

A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video SDV or video on demand VoD streams, resulting in a denial of service DoS condition. The vulnerability is due ...

Code injection

Unspecified vulnerability in Cisco NX-OS before 4.01aN21, when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service crash via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609...

CVE-2009-0627

The CVE-2009-0627 entry concerns Cisco NX-OS on Nexus 5000 platforms (before 4.0(1a)N2(1)). It describes an unspecified vulnerability that lets remote attackers crash the device via a sequence of TCP packets related to TCP state manipulation, possibly linked to CVE-2008-4609 (sockstress). The con...

CVE-2009-0627

Unspecified vulnerability in Cisco NX-OS before 4.01aN21, when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service crash via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609...

TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

Workaround for Microsoft ISA Server TCP State Limited Denial of Service Vulnerability (MS09-016)

A denial of service vulnerability has been reported in Microsoft Internet Security and Acceleration ISA Server. ISA Server, originating as Microsoft Proxy Server, is a Firewall & Security product that provides Application-Layer Firewalling, acts as a VPN endpoint, and provides Internet Access for...

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...