Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-53355

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS over InfiniBand IB connection teardown process. When the rdsibsetupqp function fails to set up a connection, it may free a memory allocation isends without properly clearing the associated pointer. This can lead to a stale point...

7CVSS5.7AI score0.00164EPSS
Exploits0References4
NVD
NVD
added 2026/06/15 4:16 p.m.10 views

CVE-2026-10634

Zephyr's native TCP stack iterates the global connection list in nettcpforeach subsys/net/ip/tcp.c using the SYSSLISTFOREACHCONTAINERSAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcplock while invoking the per-connection callback and re-acquired...

5.3CVSS0.00274EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/15 2:16 p.m.11 views

EUVD-2026-36727

Zephyr's native TCP stack iterates the global connection list in nettcpforeach subsys/net/ip/tcp.c using the SYSSLISTFOREACHCONTAINERSAFE macro, which caches a pointer to the next list node. Prior to this fix the function released tcplock while invoking the per-connection callback and re-acquired...

4.8CVSS5.4AI score0.00274EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.18 views

PT-2026-49241

Name of the Vulnerable Software and Affected Versions Zephyr versions prior to 4.4.1 Description The native TCP stack contains a use-after-free flaw when iterating the global connection list in the net tcp foreach function. The issue occurs because the function releases the tcp lock while invokin...

5.3CVSS6AI score0.00274EPSS
Exploits1References4
OSV
OSV
added 2026/06/08 5:16 p.m.12 views

DEBIAN-CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00244EPSS
Exploits0References1
OSV
OSV
added 2026/06/08 5:16 p.m.6 views

UBUNTU-CVE-2026-11611

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00244EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/08 4:17 p.m.7 views

CVE-2026-11611 389-ds-base: 389-ds-base: content sync plugin unbounded queue growth and race conditions

A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during...

6.5CVSS5.4AI score0.00244EPSS
Exploits0References2
CVE
CVE
added 2026/06/08 4:17 p.m.28 views

CVE-2026-11611

CVE-2026-11611 concerns the Content Synchronization persistent search plugin in 389 Directory Server. The flaw enables denial of service via unbounded memory growth when an authenticated client stops reading sync responses, and there are additional race conditions in the plugin thread lifecycle t...

6.5CVSS5.4AI score0.00244EPSS
Exploits0References2Affected Software3
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-5590

A race condition during TCP connection teardown can cause tcprecv to operate on a connection that has already been released. If tcpconnsearch returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcpbacklogisfull and dereferenced without validatio...

6.4CVSS5.5AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2026/05/04 1:12 p.m.9 views

JLSEC-2026-421 libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection...

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS7.2AI score0.01253EPSS
Exploits1References9
EUVD
EUVD
added 2026/04/05 3:34 a.m.5 views

EUVD-2026-19028

A race condition during TCP connection teardown can cause tcprecv to operate on a connection that has already been released. If tcpconnsearch returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcpbacklogisfull and dereferenced without validatio...

6.4CVSS5.8AI score0.00158EPSS
Exploits0References1
OSV
OSV
added 2025/02/05 10:15 a.m.3 views

ALPINE-CVE-2025-0665

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS7AI score0.01253EPSS
Exploits1References1
curl security advisories
curl security advisories
added 2025/02/05 8:0 a.m.8 views

eventfd double close

libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve...

7CVSS8AI score0.01253EPSS
Exploits1References1Affected Software2
FreeBSD
FreeBSD
added 2014/09/16 12:0 a.m.64 views

FreeBSD -- Denial of Service in TCP packet processing

Problem Description: When a segment with the SYN flag for an already existing connection arrives, the TCP stack tears down the connection, bypassing a check that the sequence number in the segment is in the expected window. Impact: An attacker who has the ability to spoof IP traffic can tear down...

5CVSS9AI score0.80855EPSS
Exploits3
Rows per page
Query Builder