CVE-2026-53259

CVE-2026-53259 describes a Linux kernel slab-use-after-free in ipv6_acaddr handling. The bug occurs in the ipv6 anycast path where an aca (ipv6_acaddr) is published to idev->ac_list under idev->lock but inserted into the global inet6_acaddr_lst hash after unlock, allowing a concurrent teard...

EUVD-2026-39210

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

Forward to Hell? on the Potentials of Misusing Transparent DNS Forwarders in Reflective Amplification Attacks

The DNS infrastructure is infamous for facilitating reflective amplification attacks. Various countermeasures such as server shielding, access control, rate limiting, and protocol restrictions have been implemented. Still, the threat remains throughout the deployment of DNS servers. In this paper...

Cisco NX-OS Software Anycast Gateway Invalid ARP (CVE-2020-3174)

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

Edge DNS Secondary Implementation: Order of Operations for NS Zone and Registrar Records

This article has been updated to include recent industry trends and information about primary implementations. Akamai Edge DNS service delivers edge-based, authoritative domain services for thousands of organizations. These organizations trust Edge DNS to deliver reliable and performant responses...

Finding the Best Servers to Answer Queries -- Edge DNS and Anycast

TL;DR IP Anycast is a network addressing and routing methodology that allows IP addresses to be announced from multiple points on the internet With the proper implementation, Anycast can reduce DNS RTTs and offer innate DDoS protection Akamai's authoritative name service, Edge DNS, combines globa...

Finding the Best Servers to Answer Queries — Edge DNS and Anycast

While Unicast defines a single destination endpoint for a given IP, Anycast is an addressing technique in which the same IP is advertised from multiple servers simultaneously...

A vulnerability in the anycast function of the Cisco NX-OS operating system, which allows a attacker to compromise the integrity of protected information.

The vulnerability in the anycast function of the Cisco NX-OS operating system is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of protected information...

Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability (cisco-sa-20200226-nxos-arp)

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...

CVE-2020-3174

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

Input validation

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

CVE-2020-3174 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

CVE-2020-3174 Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

Cisco NX-OS Software Anycast Gateway Invalid ARP Vulnerability

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

Deployment Diversity for DNS Resiliency

Consider Addressing Delegation Servers with Varying Network Routes Written by: Jim Gilbert and Barry Greene Don't Forget DNS Similar to diverse workforces performing at a higher level, diverse network service deployments perform at a higher level that is increasingly important as the Internet...

Internet Root Name Servers DDoS Attack

An unusual DDoS amplification attack was carried out 10 days ago against many of the Internet’s 13 root name servers, the authoritative servers used to resolve IP addresses. The attacks happened on Nov. 30 and again on Dec. 1, and each time, massive volumes of traffic, peaking at five million...