25 matches found
UBUNTU-CVE-2026-45860
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: increase the connection clean up limit to 64 After the optimization to only perform one GC per jiffy, a new problem was introduced. If more than 8 new connections are tracked per jiffy the list won't be...
CVE-2026-45860 netfilter: nf_conncount: increase the connection clean up limit to 64
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: increase the connection clean up limit to 64 After the optimization to only perform one GC per jiffy, a new problem was introduced. If more than 8 new connections are tracked per jiffy the list won't be...
CVE-2026-45860
netfilter: nfconncount: increase the connection clean up limit to 64...
UBUNTU-CVE-2026-23139
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: update lastgc only when GC has been performed Currently lastgc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high...
CVE-2026-23139
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: update lastgc only when GC has been performed Currently lastgc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high...
CVE-2026-23139 netfilter: nf_conncount: update last_gc only when GC has been performed
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: update lastgc only when GC has been performed Currently lastgc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high...
CVE-2026-23139 netfilter: nf_conncount: update last_gc only when GC has been performed
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: update lastgc only when GC has been performed Currently lastgc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high...
Linux Distros Unpatched Vulnerability : CVE-2025-21955
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: prevent connection release during oplock break notification ksmbdwork could be freed when after connection release. Increment rcount of ksmbdconn to...
Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-57982: xfrm: state: fix out-of-bounds read during lookup bsc1237913. CVE-2024-58053: rxrpc: Fix handling of received connection abort bsc1238982...
SUSE-SU-2025:02254-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...
Monero: Connection Count Bug in Monero Node Enables Outbound Peer Reset Attack
A vulnerability was disclosed that could cause a Monero node's outbound connections to be dropped. The vulnerability was caused by a flaw in how the node incorrectly counted the number of current outbound connections. An attacker could exploit this flaw to trick the node into mistakenly believing...
netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()
...
UBUNTU-CVE-2025-21959
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...
PT-2026-4359
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's netfilter module, specifically within the nf conncount component. The issue involves potential connection tracking ct leaks occurring along error path...
Multiple Cisco Products Snort Rate Filter Bypass (cisco-sa-snort-rf-bypass-OY8f3pnM)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability. - Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limitin...
CVE-2024-20342
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker...
CVE-2024-20342 Cisco Firepower Threat Defense Software Rate Filter Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker...
CVE-2024-20342
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker...
Multiple Cisco Products Snort Rate Filter Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter. This vulnerability is due to an incorrect connection count comparison. An attacker...
Cisco Firepower Threat Defense 安全漏洞
Cisco Firepower Threat Defense FTD is a suite of unified software that provides next-generation firewall services from Cisco USA. A security vulnerability exists in Cisco Firepower Threat Defense that stems from an incorrect connection count comparison...