Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: Validates the prefix length of new SA entries using the SA family, when sel.family is unset. This extends the validation introduced in commit 07bf7908950a “xfrm: Validates address prefix lengths in the xfrm selector”. The...

EUVD-2026-28960

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcfsesssetipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of the argument SmPolicyContextData.ipv6AddressPrefix can lead to denial of service. It is possible to...

CVE-2026-8224 Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of service

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcfsesssetipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of the argument SmPolicyContextData.ipv6AddressPrefix can lead to denial of service. It is possible to...

CVE-2026-8224 Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of service

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcfsesssetipv6prefix of the file /src/pcf/context.c of the component PCF. Executing a manipulation of the argument SmPolicyContextData.ipv6AddressPrefix can lead to denial of service. It is possible to...

CVE-2026-8224

Open5GS PCF component (up to 2.7.7) is affected by CVE-2026-8224 via the function pcf_sess_set_ipv6prefix in src/pcf/context.c. An attacker can manipulate SmPolicyContextData.ipv6AddressPrefix to trigger a denial of service. The issue is exploitable remotely, and public exploit information has be...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for Lte/Nr networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the function pcfsesssetipv6prefix in the PCF component’s file...

PT-2026-31592

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security issue exists in Totolink A7100RU 7.4cu.2313 b20191024. The setIpv6LanCfg function within the /cgi-bin/cstecgi.cgi file of the CGI Handler component is susceptible to os comma...

CVE-2026-34785

A flaw was found in Rack. The Rack::Static component, which serves static files for web applications, uses a simple string prefix check to determine if a request should be served as a static file. This can lead to unintended information disclosure, as files with names that merely share a configur...

CVE-2026-34359 HAPI FHIR: Authentication Credential Leakage via Improper URL Prefix Matching on HTTP Redirect in HAPI FHIR Core

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, ManagedWebAccessUtils.getServer uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Because configured...

PT-2026-29162

Name of the Vulnerable Software and Affected Versions HAPI FHIR versions prior to 6.9.4 Description The software uses String.startsWith to match request URLs against configured server URLs for authentication credential dispatch. Configured server URLs lack a trailing slash or host boundary check,...

MiracleLinux 4 : bind-9.8.2-0.37.5.0.2.rc1.AXS4 (AXSA:2016-051:01)

"The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-051:01 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names ...

CVE-2023-50926

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message...

CVE-2021-32771

Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have...

CVE-2024-50142 xfrm: validate new SA's prefixlen using SA family when sel.family is unset

In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a "xfrm: Validate address prefix lengths in the xfrm selector." syzbot created an SA with...

SUSE CVE-2005-3651

Stack-based buffer overflow in the dissectospfv3addressprefix function in the OSPF protocol dissector in Ethereal 0.10.12, and possibly other versions, allows remote attackers to execute arbitrary code via crafted packets...

SUSE CVE-2015-8704

apl42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service INSIST assertion failure and daemon exit via a malformed Address Prefix List APL record...

CVE-2021-32771 Buffer overflow in contiki-ng

Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have...

dhcp security and bug fix update

12:4.3.6-34 - Resolves: 1704672 - Fix crash caused by bind rebase 12:4.3.6-33 - Resolves: 1673946 - Change default prefix length to 128 - Add address-prefix-lenght option to change default value - Fix backporting issues 12:4.3.6-31 - Resolves: 1685560 - Drop executable flag from NM dispatcher...

bind: specific APL data could trigger an INSIST in apl_42.c

A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List APL records. A remote, authenticated attacker could use this flaw to cause named to crash...

bind: specific APL data could trigger an INSIST in apl_42.c

A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List APL records. A remote, authenticated attacker could use this flaw to cause named to crash...