EUVD-2026-16128

When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

CVE-2026-4247

CVE-2026-4247 affects FreeBSD TCP implementations (bases: 14.x, 15.x/releng) where, when a challenge ACK should be sent, tcp_respond() consumes the mbuf and can leak the mbuf if no ACK is sent. An attacker on-path or able to establish a TCP connection can craft packets that trigger a challenge AC...

CVE-2026-4247 TCP: remotely exploitable DoS vector (mbuf leak)

When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

CVE-2026-4247

When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

CVE-2026-4247 TCP: remotely exploitable DoS vector (mbuf leak)

When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the tcprespond function returning and leaking the mbuf when an ACK should not be sent. This vulnerability could allow attackers to exploit the system by...

PT-2026-28217

When a challenge ACK is to be sent tcp respond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...

FreeBSD : FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak) (7aa913e9-28d1-11f1-b35e-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7aa913e9-28d1-11f1-b35e-bc241121aa0a advisory. When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the...

FreeBSD-SA-26:06.tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:06.tcp Security Advisory The FreeBSD Project Topic: TCP: remotely exploitable DoS vector mbuf leak Category: core Module: tcp Announced: 2026-03-26 Credits:...

FreeBSD Security Advisory - FreeBSD-SA-26:06.tcp

FreeBSD Security Advisory - When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf...

FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak)

Problem Description: When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. Impact: If an attacker is either on path with an established TCP...

EUVD-2020-28588

Malware in sbrugna...

EUVD-2001-0696

Malware in sbrugna...

EUVD-2018-0847

Malware in sbrugna...

EUVD-2020-12518

Malware in sbrugna...

EUVD-2024-33357

Malicious code in bioql PyPI...

CVE-2020-7462

In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, improper mbuf handling in the kernel causes a use-after-free bug by sending IPv6 Hop-by-Hop options over the loopback interface. The use-after-free situation may result in unintended kernel behaviour including a kernel panic...

CVE-2010-2693

FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf buffer reference, which allows local users to cause a denial of service system file corruption and gain privileges via the sendfile system call...

CVE-2024-10934

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server...

CVE-2024-10934 OpenBSD NFS double-free vulnerability

In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS client and server implementation, do not use uninitialized variable in error handling of NFS server...