31 matches found
EUVD-2026-16128
When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...
CVE-2026-4247 TCP: remotely exploitable DoS vector (mbuf leak)
When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...
CVE-2026-4247
When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...
CVE-2026-4247
CVE-2026-4247 affects FreeBSD TCP implementations (bases: 14.x, 15.x/releng) where, when a challenge ACK should be sent, tcp_respond() consumes the mbuf and can leak the mbuf if no ACK is sent. An attacker on-path or able to establish a TCP connection can craft packets that trigger a challenge AC...
PT-2026-28217
When a challenge ACK is to be sent tcp respond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves...
FreeBSD 安全漏洞
FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the tcprespond function returning and leaking the mbuf when an ACK should not be sent. This vulnerability could allow attackers to exploit the system by...
FreeBSD Security Advisory - FreeBSD-SA-26:06.tcp
FreeBSD Security Advisory - When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf...
FreeBSD-SA-26:06.tcp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:06.tcp Security Advisory The FreeBSD Project Topic: TCP: remotely exploitable DoS vector mbuf leak Category: core Module: tcp Announced: 2026-03-26 Credits:...
FreeBSD : FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak) (7aa913e9-28d1-11f1-b35e-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7aa913e9-28d1-11f1-b35e-bc241121aa0a advisory. When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the...
FreeBSD -- TCP: remotely exploitable DoS vector (mbuf leak)
Problem Description: When a challenge ACK is to be sent tcprespond constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. Impact: If an attacker is either on path with an established TCP...
EUVD-2020-12518
Malware in sbrugna...
EUVD-2018-0847
Malware in sbrugna...
Juniper Junos OS Vulnerability (JSA70192)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70192 advisory. An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker t...
CVE-2023-22396
An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...
Design/Logic Flaw
An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...
Design/Logic Flaw
A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. In an MPLS scenario specific packets destined to an Integrated Routing and Bridging irb interface of the...
CVE-2023-22396 Junos OS: Receipt of crafted TCP packets destined to the device results in MBUF leak leading to a Denial of Service (DoS)
An Uncontrolled Resource Consumption vulnerability in TCP processing on the Routing Engine RE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to send crafted TCP packets destined to the device, resulting in an MBUF leak that ultimately leads to a Denial of Service Do...
PT-2023-1060 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 19.3R3-S7 Junos OS 19.4 versions prior to 19.4R3-S9 Junos OS 20.1 version 20.1R1 and later versions Junos OS 20.2 versions prior to 20.2R3-S5 Junos OS 20.3 versions prior to 20.3R3-S5 Junos OS 20.4 versions prior to...
PT-2023-3067 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 12.3R12-S19 through 22.3R2 Juniper Networks Junos OS versions 15.1R7-S10 through 22.3R2 Juniper Networks Junos OS versions 17.3R3-S12 through 22.3R2 Juniper Networks Junos OS versions 18.4R3-S9 through 22.3R...
Juniper Junos Kernel Crash (vmcore) or FPC Crash (JSA11040)
According to its self-reported version, the Junos OS installed on the remote host is affected by a denial of service DoS vulnerability. On Juniper Networks Junos OS devices, a stream of TCP packets sent to the Routing Engine RE may cause mbuf leak which can lead to Flexible PIC Concentrator FPC...