6 matches found
netfilter: ip6t_hbh: reject oversized option lists
...
EUVD-2026-38718
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsnr values supplied from userspace. Validate optsnr in the rule setup...
CVE-2026-56115
A flaw was found in dhcpcd. This vulnerability allows an unauthenticated attacker on the same network link to trigger a one-byte stack out-of-bounds write. By sending a specially crafted DHCPv6 ADVERTISE message with an oversized option, the attacker can corrupt adjacent stack memory. This can le...
PT-2026-51708
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter module where the hbh mt6 check function fails to reject optsnr values supplied from userspace that exceed the capacity of the struct ip6t opts structure...
Foxit Remote Access Server telnet server DoS
Crash on oversized option...
Buffer overflow in HP-UX cifslogin
Buffer overflow on oversized -P option...