CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

CVE-2025-20192

A vulnerability in the Internet Key Exchange version 1 IKEv1 implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is du...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: - In the net subsystem, do not delay the execution of dstentriesadd within dstrelease. - dstentriesadd uses data per-core that might be freed during the dismantling of ip6routenetexit, by calling dstentriesdestroy. Before...

RHEL 9 : libreswan (RHSA-2025:0309)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:0309 advisory. Libreswan is an implementation of IPsec and IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide...

CVE-2024-40765

An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service DoS and potentially execute arbitrary code by sending a specially crafted IKEv2 payload...

Ivanti Connect Secure Out-of-Bounds Read Vulnerability

Ivanti Connect Secure is a secure remote network connection tool from Ivanti USA. Ivanti Connect Secure suffers from an out-of-bounds read vulnerability that stems from a lack of proper authentication of user-supplied data in IPsec, which can be exploited by an attacker to cause a denial of servi...

kernel: bonding: fix xfrm real_dev null pointer dereference

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

Moderate: Red Hat Security Advisory: libreswan security update

An update for libreswan is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

CVE-2024-38649

An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1Not Applicable to 9.1Rx allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-38649

The CVE-2024-38649 issue is an out-of-bounds write in IPsec of Ivanti Connect Secure older than 22.7R2.1 (not applicable to 9.1Rx) that can be exploited remotely by an unauthenticated attacker to cause a denial of service. Connected advisories confirm this vulnerability affects Ivanti Connect Sec...

CVE-2024-38649

An out-of-bounds write in IPsec of Ivanti Connect Secure before version 22.7R2.1Not Applicable to 9.1Rx allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-47907

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-47907

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-47907

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-47907

A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service...

CVE-2024-50036

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2024-50036

CVE-2024-50036 is a Linux kernel vulnerability where dst_entries_add() uses per-CPU data that can be freed during netns dismantle, making dst_entries_destroy() race with dst_release() and potentially causing a use-after-free. The issue arises because the count of dsts must be decremented earlier,...

CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2024-50036 net: do not delay dst_entries_add() in dst_release()

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...