Lucene search
K

15 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed the NULL pointer dereference in the route error path of ipv4 null-ptr-deref. The IPv4 code path in ipvsgetoutrt calls dstlinkfailure, without ensuring that skb-dev is set. This leads to a NULL pointer dereference in...

6AI score0.00173EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/29 12:44 p.m.5 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/24 12:25 p.m.4 views

CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.6AI score0.00629EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/04/24 12:24 p.m.6 views

CVE-2026-5265

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.1AI score0.00629EPSS
Exploits0References3
OSV
OSV
added 2026/01/13 4:16 p.m.2 views

UBUNTU-CVE-2025-68813

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...

5.8AI score0.00173EPSS
Exploits0References38
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:29 p.m.5 views

CVE-2025-68813

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...

5.3AI score0.00173EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/01/13 3:29 p.m.15 views

CVE-2025-68813

The CVE-2025-68813 affects the Linux kernel IPVS IPv4 route error path. A NULL pointer dereference occurs when dst_link_failure() is called with skb->dev unset, leading to ipv4_link_failure() → ipv4_send_dest_unreach() → fib_compute_spec_dst() dereferencing skb->dev. The root cause is that ...

6.2AI score0.00173EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.14 views

PT-2026-2545

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.114 Description The Linux kernel contains a flaw within the IPv4 code path in the ip vs get out rt function. This function can call dst link failure without verifying that skb-dev is set, leading to a NULL...

5.5AI score0.00173EPSS
Exploits0
OSV
OSV
added 2024/12/27 3:15 p.m.5 views

AZL-54735 CVE-2024-56647 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...

5.5CVSS5.6AI score0.00217EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2023/10/12 7:0 a.m.3 views

Kernel: ipv4: null pointer dereference in ipv4_send_dest_unreach()

...

5.5CVSS7AI score0.00406EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2023/10/09 12:0 a.m.3 views

The vulnerability of the ipv4_send_dest_unreach() function in the net/ipv4/route.c module of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the ipv4senddestunreach function in the net/ipv4/route.c module of the Linux kernel is related to the assignment of a null pointer. Exploitation of this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00406EPSS
Exploits1References23Affected Software6
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.4 views

SUSE CVE-2005-0066

The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged aka "TCP acknowledgement number checking", which makes it easier for...

5CVSS7.1AI score0.10742EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.6 views

SUSE CVE-2005-0068

The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using 1 blind connection-reset attacks with forged...

5CVSS7.2AI score0.54387EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2020/12/09 4:45 p.m.91 views

CVE-2020-25705

A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...

7.4CVSS0.2AI score0.06692EPSS
Exploits1References3
CERT
CERT
added 2005/04/12 12:0 a.m.50 views

TCP/IP implementations do not adequately validate ICMP error messages

Overview Multiple TCP/IP implementations do not adequately validate ICMP error messages. A remote attacker could cause TCP connections to drop or be degraded using spoofed ICMP error messages. Description A number of widely accepted Internet standards describe different aspects of the relationshi...

7.5AI score
Exploits0References24
Rows per page
Query Builder