29 matches found
CVE-2026-7656
The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...
CVE-2026-7656 Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack
The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...
PT-2026-53753
Name of the Vulnerable Software and Affected Versions Zephyr versions prior to 4.4.0 Description An input validation weakness exists in the IPv6 Neighbor Discovery handlers within subsys/net/ip/ipv6 nbr.c. The functions handle ra input, handle ns input, and handle na input use an incorrect boolea...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: bonding: Fixed a NULL dereference of the ndtbl variable when IPv6 is disabled. When booting with the ipv6.disable=1 parameter, the ndtbl variable is never initialized because inet6init exits before ndiscinit is called,...
CVE-2026-10640
Summary: Zephyr’s IPv6 Neighbor Discovery send paths (ipv6_nbr.c) perform a use-after-free by reading iface from a freed net_pkt slab block when updating per-interface ICMP statistics, after the packet has been sent. This can corrupt iface-stats.icmp.sent or cause a crash/DoS if the slab memory i...
CVE-2026-43441
A flaw was found in the Linux kernel's bonding network interface. When IPv6 is disabled and bonding ARP/NS validation is enabled, a specially crafted IPv6 Neighbor Solicitation NS or Neighbor Advertisement NA packet received on a slave interface can trigger a NULL pointer dereference. This...
UBUNTU-CVE-2025-39850
In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix NPD in arp,neighreduce when using nexthop objects When the "proxy" option is enabled on a VXLAN device, the device will suppress ARP requests and IPv6 Neighbor Solicitation messages if it is able to reply on behalf of...
OSV-2024-955 Use-of-uninitialized-value in pcpp::IPv6Address::toString
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42536479 Crash type: Use-of-uninitialized-value Crash state: pcpp::IPv6Address::toString pcpp::NDPNeighborSolicitationLayer::toString pcpp::Packet::toStringList...
CVE-2024-6640 pf incorrectly matches different ICMPv6 states in the state table
In ICMPv6 Neighbor Discovery ND, the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation NS can trigger an Echo Reply. The packet has to come from the same host as the NS and have a zero as identifier to...
CVE-2022-35926 Out-of-bounds read in IPv6 neighbor solicitation in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module...
CVE-2022-35926 Out-of-bounds read in IPv6 neighbor solicitation in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module...
CVE-2022-35926 Out-of-bounds read in IPv6 neighbor solicitation in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module...
Schneider Electric Quantum Ethernet Module Improper Authentication (CVE-2011-4860)
The ComputePassword function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device aka the Quantum 140NOE771 module generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a ...
CVE-2021-21279
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In verions prior to 4.6, an attacker can perform a denial-of-service attack by triggering an infinite loop in the processing of IPv6 neighbor solicitation NS messages. This type of attack can effectively...
Design/Logic Flaw
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In verions prior to 4.6, an attacker can perform a denial-of-service attack by triggering an infinite loop in the processing of IPv6 neighbor solicitation NS messages. This type of attack can effectively...
CVE-2012-5363
The IPv6 implementation in FreeBSD and NetBSD unknown versions, year 2012 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393...
CVE-2012-5362
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669...
Design/Logic Flaw
The IPv6 implementation in FreeBSD and NetBSD unknown versions, year 2012 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393...
Code injection
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669...
CVE-2012-5363
CVE-2012-5363 affects the IPv6 ND/Neighbor Solicitation handling in FreeBSD and NetBSD (unknown versions, year 2012 and earlier). The issue allows remote attackers to cause a denial of service by flooding the stack with ICMPv6 Neighbor Solicitation messages, as described in the CVE entry. Connect...