Lucene search
K

8 matches found

NVD
NVD
added 2026/06/16 3:16 p.m.15 views

CVE-2026-10640

Zephyr's IPv6 Neighbor Discovery send paths netipv6sendna, netipv6sendns, netipv6sendrs in subsys/net/ip/ipv6nbr.c updated the per-interface ICMP-sent statistics by calling netpktifacepkt after netsenddatapkt had already returned successfully. On the success path the network stack owns and releas...

7.1CVSS0.0037EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/16 1:28 p.m.25 views

CVE-2026-10640 Use-after-free reading `net_pkt` `iface` after send in IPv6 Neighbor Discovery (`ipv6_nbr.c`)

Zephyr's IPv6 Neighbor Discovery send paths netipv6sendna, netipv6sendns, netipv6sendrs in subsys/net/ip/ipv6nbr.c updated the per-interface ICMP-sent statistics by calling netpktifacepkt after netsenddatapkt had already returned successfully. On the success path the network stack owns and releas...

4.2CVSS0.0037EPSS
Exploits1References2
CVE
CVE
added 2026/06/16 1:28 p.m.17 views

CVE-2026-10640

Summary: Zephyr’s IPv6 Neighbor Discovery send paths (ipv6_nbr.c) perform a use-after-free by reading iface from a freed net_pkt slab block when updating per-interface ICMP statistics, after the packet has been sent. This can corrupt iface-stats.icmp.sent or cause a crash/DoS if the slab memory i...

7.1CVSS5.4AI score0.0037EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/16 1:22 p.m.15 views

CVE-2026-10639

Summary: Zephyr’s native IPv4 icmpv4_handle_echo_request() can perform a use-after-free when updating per-interface statistics after sending an ICMP echo reply. The code hands the echo-reply to the TX path, which may drop the packet and free the net_pkt before the post-send stats update runs. As ...

4.8CVSS5.6AI score0.00232EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2025/05/07 12:0 a.m.3 views

Bind Network Interfaces to the Correct Zones

Different filtering policies can be configured for different firewall zones. If the server network is complex and has multiple interfaces that provide different service functions, it is recommended that interfaces be configured in different zones and different firewall policies be configured. For...

6.8AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/11/09 5:32 p.m.5 views

dnsmasq: fixed outgoing port used when --server is used with an interface name

A flaw was found in dnsmasq. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and...

4.3CVSS7.3AI score0.01988EPSS
Exploits1References4
OSV
OSV
added 2021/04/08 11:15 p.m.2 views

ALPINE-CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...

4CVSS6.5AI score0.01988EPSS
Exploits1References1
OSV
OSV
added 2021/04/08 11:15 p.m.2 views

DEBIAN-CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...

4CVSS6.2AI score0.01988EPSS
Exploits1References1
Rows per page
Query Builder