Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hcisync: Fixed a UAF in lereadfeaturescomplete. This fix addresses the issue where the hciconn variable was freed before lereadfeaturescomplete, but after hcilereadremotefeaturessync. As a result, hciconndel -...

Quarkus REST has potential worker thread starvation when HTTP connection is closed while waiting to write

A vulnerability exists in the HTTP layer of Quarkus REST related to response handling. When a response is being written, the framework waits for previously written response chunks to be fully transmitted before proceeding. If the client connection is dropped during this waiting period, the...

CVE-2022-50666 RDMA/siw: Fix QP destroy to wait for all references dropped.

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siwqpdestroy call, so...

EUVD-2006-7193

Malware in sbrugna...

EUVD-2020-4152

Malware in sbrugna...

CVE-2025-21795 NFSD: fix hang in nfsd4_shutdown_callback

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix hang in nfsd4shutdowncallback If nfs4client is in courtesy state then there is no point to send the callback. This causes nfsd4shutdowncallback to hang since clcbinflight is not 0. This hang lasts about 15 minutes until...

BIT-NODE-MIN-2020-11080 Denial of service in nghttp2

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...

Fix of CVE: CVE-2021-3618

CVE-2021-3618: drop the connection after reaching the specified number of invalid protocol commmands...

Security feature bypass

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes 2400 individual settings entries over and over again. The attack causes th...

CVE-2020-11810

OpenVPN 2.4.x prior to 2.4.9 is affected by CVE-2020-11810. An attacker can inject a P_DATA_V2 data channel packet using a victim’s peer-id, potentially dropping the victim’s connection if the packet arrives before data channel crypto parameters are initialized. The attack relies on a small timin...

CVE-2006-7214

CVE-2006-7214 affects Firebird 1.5. The connected sources indicate multiple vulnerabilities in Firebird 1.5 that can be triggered remotely: (1) a denial of service (application crash) by sending many remote protocol versions, and (2) denial of service (connection drop) through certain network tra...

DEBIAN-CVE-2003-0774

saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service segmentation fault when invalid memory is accessed...

CVE-2001-0411

Reliant Unix 5.44 and earlier allows remote attackers to cause a denial of service via an ICMP port unreachable packet, which causes Reliant to drop all connections to the source address of the packet...

CVE-2000-0896

WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmented IP packets, which causes the firewall to drop connections and stop forwarding packets...