MiracleLinux 7 : kernel-3.10.0-1160.21.1.el7 (AXSA:2021-1625:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1625:06 advisory. kernel: Local buffer overflow in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c CVE-2020-25211 kernel: SCSI target LIO write to any...

MiracleLinux 8 : kernel-4.18.0-372.13.1.el8_6 (AXSA:2022-3780:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3780:12 advisory. kernel: buffer overflow in IPsec ESP transformation code CVE-2022-27666 kernel: out-of-bounds read in fbcongetfont function CVE-2020-28915 Tenable h...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004237 advisory. A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003854)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003854 advisory. A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004185 advisory. A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module,...

MiracleLinux 7 : libreswan-3.15-8.0.1.el7.AXS7 (AXSA:2016-1148:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1148:01 advisory. Libreswan is a free implementation of IPsec Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004415)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004415 advisory. A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001056)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001056 advisory. net/xfrm/xfrmpolicy.c in the Linux kernel through 4.12.3, when CONFIGXFRMMIGRATE is enabled, does not ensure that the dir value of xfrmuserpolicyid is XFRMPOLICYMAX ...

CVE-2026-21906

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

CVE-2026-21906

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

CVE-2026-21906 Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICMP packet causes the PFE to crash

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

CVE-2026-21906 Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICMP packet causes the PFE to crash

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

EUVD-2026-2698

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

CVE-2026-21906

CVE-2026-21906 overview (Junos OS SRX Series) A vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series can be triggered by a specific ICMP packet routed through a GRE tunnel when PowerMode IPsec (PMI) and GRE performance acceleration are enabled. An unauthe...

PT-2026-3120

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS on SRX Series versions prior to 21.4R3-S12 Juniper Networks Junos OS on SRX Series versions 22.4 before 22.4R3-S8 Juniper Networks Junos OS on SRX Series versions 23.2 before 23.2R2-S5 Juniper Networks Junos OS on SRX...

MiracleLinux 4 : openswan-2.6.32-9.0.1.AXS4 (AXSA:2012-70:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-70:01 advisory. Openswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication...

MiracleLinux 3 : ipsec-tools-0.6.5-8.2AXS3 (AXSA:2009-67:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2009-67:01 advisory. This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: ...

MiracleLinux 3 : ipsec-tools-0.6.5-13AXS3.1 (AXSA:2009-435:03)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2009-435:03 advisory. This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds:...

MiracleLinux 3 : ipsec-tools-0.6.5-8.1AXS3 (AXSA:2008-273:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2008-273:01 advisory. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed IPsec cleanup over MPV devices When we call mlx5edetachnetdev, we ultimately disable the blocking event notifier. Among these events are IPsec MPV events from the IB to the core. Therefore, before disabling tho...