16 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from vsock incorrectly handling signals/timeouts when a connection has been established, potentially leading to...
EUVD-2025-7594
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-21854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to...
SUSE CVE-2025-21854
In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...
DEBIAN-CVE-2025-21854
In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...
UBUNTU-CVE-2025-21854
In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...
CVE-2025-21854 sockmap, vsock: For connectible sockets allow only connected
In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...
CVE-2025-21854 sockmap, vsock: For connectible sockets allow only connected
In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...
SUSE CVE-2025-21683
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...
Terrapin Attack Downgrading the Fortresses of SSH
Summary: The Terrapin attack, a cryptographic exploit targeting the widely adopted SSH protocol, poses a threat to the security of over 15 million servers dispersed across the Internet. This vulnerability enables attackers to compromise the security of established connections by truncating the...
[NetScaler] Graceful disable service may trigger TCP RESET immediately
According to eDoc:Graceful shutdown of services. If we disable an HTTP service with the following command: disable service HTTPSvcName 0 -graceFul YES We expect to see all ESTABLISHED connections alive. But in real cases, we may see partial connections got TCP RST from NetScaler ADC immediately...
Undertow: DoS can be achieved as Undertow server waits for the LAST_CHUNK forever for EJB invocations
A flaw was found in Undertow with EJB invocations. This flaw allows an attacker to generate a valid HTTP request and send it to the server on an established connection after removing the LASTCHUNK from the bytes, causing a denial of service...
Quick 'n Easy WEB Server / Quick 'n Easy FTP Server DoS
Large number of established connections causes server to crash...
Baby ASP Web Server / FTP Server / POP Server DoS
Large number of established connections causes server to crash...
CVE-2004-1637
The CVE-2004-1637 entry concerns the Hawking Technologies HAR11A modem/router. The affected component is the device itself, where remote attackers can connect to port 254 to view a management interface and information on established connections, exposing sensitive information. The NVD metrics ass...
RealVNC DoS
DoS on large number of established connections...