CVE-2026-9054

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

EUVD-2026-31403

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

PT-2026-42721

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

CVE-2026-43456

A flaw was found in the Linux kernel's bonding driver. When a non-Ethernet device, such as a Generic Routing Encapsulation GRE tunnel, is added to a bond, a type confusion vulnerability occurs. This happens because the bonding driver incorrectly copies network header operations from the slave...

Security Advisory 0137

Security Advisory 0137 PDF Date: May 5, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 5, 2026 | Initial release 1.1 | May 7, 2026 | Clarified 7280R3, 7500R3 and 7800R3 exposure is limited 1.2 | May 13, 2026 | Updated Mitigation section with a note of caution 1.3 | May 20, 2026 | Updated...

CVE-2026-23276

A flaw was found in the Linux kernel. When a bond device in broadcast mode has Generic Routing Encapsulation GRE tap interfaces configured as slaves, and these GRE tunnels are routed back through the bond, multicast or broadcast network traffic can trigger an infinite recursion. This recursion...

CVE-2026-23276

In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...

ROS-20260128-73-0020

A vulnerability in the net/ipv4/ipgre.c and net/ipv6/ip6gre.c modules of the Linux operating system kernel is related to resource management errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-21906

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

CVE-2026-21906

CVE-2026-21906 overview (Junos OS SRX Series) A vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series can be triggered by a specific ICMP packet routed through a GRE tunnel when PowerMode IPsec (PMI) and GRE performance acceleration are enabled. An unauthe...

ip6_gre: make ip6gre_header() robust

...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989720)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989720 advisory. In the Linux kernel, the following vulnerability has been resolved: ipgre: test csumstart instead of transport header GRE with TUNNELCSUM will apply local checksum...

EUVD-2025-27871

Malicious code in bioql PyPI...

CVE-2024-7595 GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet

GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered simil...

Design/Logic Flaw

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

CVE-2023-20072 Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

SUSE CVE-2005-1278

The isisprint function, as called by isoclnsprint, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service infinite loop via a zero length, as demonstrated using a GRE packet...

SUSE CVE-2007-0244

pptpgre.c in PoPToP Point to Point Tunneling Server pptpd before 1.3.4 allows remote attackers to cause a denial of service PPTP connection tear-down via 1 GRE packets with out-of-order sequence numbers or 2 certain GRE packets that are processed using a wrong pointer and improperly dequeued...