16 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-23010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: Fix use-after-free in inet6addrdel. syzbot reported use-after-free of inet6ifaddr in inet6addrdel. 0 The cited commit accidentally moved ipv6deladdr for...
Siemens SIMATIC Devices NULL Pointer Dereference (CVE-2024-36902)
Vulnerability in Linux kernel: ipv6: fib6rules: avoid possible NULL dereference in fib6ruleaction syzbot is able to trigger the following crash 1, caused by unsafe ip6dstidev use. Indeed ip6dstidev can return NULL, and must always be checked. This plugin only works with Tenable.ot. Please visit...
CVE-2022-49904 net, neigh: Fix null-ptr-deref in neigh_table_clear()
In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fix null-ptr-deref in neightableclear When IPv6 module gets initialized but hits an error in the middle, kenel panic with: KASAN: null-ptr-deref in range 0x0000000000000598-0x000000000000059f CPU: 1 PID: 361 Comm:...
Linux Distros Unpatched Vulnerability : CVE-2017-9074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, whic...
CVE-2025-21768 net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels Some lwtunnels have a dst cache for post-transformation dst. If the packet destination did not change we may end up recording a reference to the lwtunnel in its own...
CVE-2025-21765
In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU protection in ip6defaultadvmss ip6defaultadvmss needs rcu protection to make sure the net structure it reads does not disappear...
CVE-2024-56703
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix soft lockups in fib6selectpath under high next hop churn Soft lockups have been observed on a cluster of Linux-based edge routers located in a highly dynamic environment. Using the bird service, these routers continuous...
CVE-2022-48785
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...
CVE-2023-52340
The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c maxsize threshold that can be consumed easily, e.g., leading to a denial of service network is unreachable errors when IPv6 packets are sent in a loop via a raw socket...
CVE-2021-47126
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix KASAN: slab-out-of-bounds Read in fib6nhflushexceptions Reported by syzbot: HEAD commit: 90c911ad Merge tag 'fixes' of git://git.kernel.org/pub/scm.. git tree:...
kernel: hash collisions in the IPv6 connection lookup table
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6...
CVE-2022-3567
A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function inet6streamops/inet6dgramops of the component IPv6 Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211090 is the...
kernel: use-after-free via crafted IPV6 sendmsg for raw / tcp / udp / l2tp sockets.
It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...
CVE-2013-4162
The udpv6pushpendingframes function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service BUG and system crash via a crafted application that uses the UDPCORK option ...
Ubuntu 10.04 LTS : linux-ec2 vulnerability (USN-1664-1)
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping fragments in ipv6. A remote attacker could exploit this flaw to bypass firewalls and initial new network connections that should have been blocked by the firewall. Note that Tenable Network Security has extracted the...
CVE-2010-0437
The ip6dstlookuptail function in net/ipv6/ip6output.c in the Linux kernel before 2.6.27 does not properly handle certain circumstances involving an IPv6 TUN network interface and a large number of neighbors, which allows attackers to cause a denial of service NULL pointer dereference and OOPS or...