PT-2026-3125

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 21.4R3-S7-EVO Juniper Networks Junos OS Evolved versions 22.2 through 22.2R3-S4-EVO Juniper Networks Junos OS Evolved versions 22.3 through 22.3R3-S3-EVO Juniper Networks Junos OS Evolved...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001033)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001033 advisory. Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000940)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000940 advisory. The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between ...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Do not block the input queue by waiting for the MSC response. Currently, the gsmqueue function processes incoming frames. When opening a DLC channel, it calls gsmdlciopen, which in turn calls gsmmodemupdate. If the bas...

[SECURITY] Fedora 42 Update: NetworkManager-l2tp-1.52.0-1.fc42

This package contains software for integrating L2TP and L2TP over IPsec VPN support with the NetworkManager...

[SECURITY] Fedora 43 Update: NetworkManager-l2tp-1.52.0-1.fc43

This package contains software for integrating L2TP and L2TP over IPsec VPN support with the NetworkManager...

PT-2026-8113

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a data-race condition within the l2tp tunnel del work function. This issue arises when handling kernel sockets, specifically during the deletion of an L2TP...

CVE-2023-54214

CVE-2023-54214: Linux kernel Bluetooth L2CAP fix for a use-after-free involving alloc_skb that could release and reacquire the chan lock, potentially causing the channel to disconnect. The vulnerability is addressed by the kernel patch, with advisories from SUSE (SUSE-SU-2026:0316/0317) noting th...

Exploit for CVE-2025-14558

CVE-2025-14558 FreeBSD rtsold DNSSL Command Injection RCE...

CVE-2025-36917

In SwDcpItg of upL2commonPdcpSecurity.cpp, there is a possible denial of service due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

PT-2025-49669

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tp tunnel register When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tp tunnel register. This situation is reproduc...

Enhancing the Security of Rollup Sequencers Using Decentrally Attested TEEs

The growing scalability demand of public Blockchains led to the rise of Layer-2 solutions, such as Rollups. Rollups improve transaction throughput by processing operations off-chain and posting the results on-chain. A critical component in Rollups is the Sequencer, responsible for receiving,...

Silabs RS9116W 安全漏洞

Silabs RS9116W is a wireless connectivity module from Silabs USA. A security vulnerability exists in the Silabs RS9116W, which originates from the reception of malformed L2CAP packets that could lead to a denial of service attack...

CVE-2025-40071 tty: n_gsm: Don't block input queue by waiting MSC

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-018712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-018712 advisory. u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986784)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986784 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tpip6sendmsg When len = INTMAX - transhdrlen, ulen = len +...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414360)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414360 advisory. A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol L2TP. A missing lock when clearing skuserdata can lead to a race condition and NULL pointer...

CVE-2025-11294

A vulnerability was detected in Belkin F9K1015 1.00.10. Affected by this issue is some unknown functionality of the file /goform/formL2TPSetup. The manipulation of the argument L2TPUserName results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used...

CVE-2025-11294

A vulnerability was detected in Belkin F9K1015 1.00.10. Affected by this issue is some unknown functionality of the file /goform/formL2TPSetup. The manipulation of the argument L2TPUserName results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used...