23 matches found
EUVD-2025-209599
Assertion failure vulnerability in the PCO Protocol Configuration Options parser in the SMF Session Management Function component of Open5GS before v2.7.5 allows remote attackers to cause denial of service via specially crafted NGAP messages containing malformed length fields in protocol...
CLSA-2026-1777026478 Fix CVE(s): CVE-2026-34980
SECURITY UPDATE: control-character injection in scheduler option handling - debian/patches/CVE-2026-34980.patch: filter control characters from IPP string option values and reject "special" PPD keywords cupsFilter, cupsFilter2, etc. reported back by job filters to prevent filter/command injection...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003095)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003095 advisory. The ipv4pktinfoprepare function in net/ipv4/ipsockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service system crash via 1 an...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003282)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003282 advisory. The ipv4pktinfoprepare function in net/ipv4/ipsockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service system crash via 1 an...
CVE-2021-31344
A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions, SIMOTICS CONNECT 400 All versions V0.5.0.0, SIMOTICS CONNECT 400 All versions V1.0.0.0. ICMP echo packets with fake IP...
Linux Distros Unpatched Vulnerability : CVE-2019-16411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4....
CVE-2025-32094
An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai...
PT-2025-2368 · Linux Foundation · Magma
Name of the Vulnerable Software and Affected Versions: Linux Foundation Magma versions = 1.8.0 Description: A buffer overflow was discovered in the decode protocol configuration options function at /3gpp/3gpp 24.008 sm ies.c. This issue allows attackers to cause a Denial of Service DoS via a...
kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalati...
Security update for stunnel (important)
openSUSE Security Update: Security update for stunnel Announcement ID: openSUSE-SU-2022:0872-1 Rating: important References: 1181400 1182529 SLE-20679 Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 An update that contains security fixes and contains one feature can now be installed...
PT-2024-11251 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The TCP option parser in mptcp mptcp get options could read one byte out of bounds. When the length is 1, the execution flow gets into the loop, reads one byte of the opcode, and if th...
Wind River Systems VxWorks Buffer Overflow Vulnerability
Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A buffer overflow vulnerability exists in the parsing of IP options on IPv4 packets in Wind River Systems VxWorks versions 7 and 6.9. An attacker could use this vulnerability to cause the tNet0 task...
kernel: ipv4: Invalid IP options could cause skb->dst drop
A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4pktinfoprepare function to drop/free the dst. This could result in a system crash or possible privilege escalation...
kernel: ipv4: Invalid IP options could cause skb->dst drop
A vulnerability was found in the Linux kernel where having malicious IP options present would cause the ipv4pktinfoprepare function to drop/free the dst. This could result in a system crash or possible privilege escalation...
Internet Bug Bounty: Apache HTTP Request Parsing Whitespace Defects
Apache HTTP Server, prior to release 2.4.25, accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTAB in parsing the request line. Any bare CR present in request lines was treated...
Smith - A Very Quick And Very Dirty Client/Server Tool For Testing Firewalls
A client/server style agent meant for testing connectivity to and from a machine on a network. Installation python setup.py install or pip install . should install smith. Note: If you want to use the tcp/udp protocol options, you'll need to install scapy and it's dependencies. Ubuntu has 'apt-get...
virtio-win: netkvm: malformed packet can cause BSOD
It was found that the Windows Virtio NIC driver did not sufficiently sanitize the length of the incoming IP packets, as demonstrated by a packet with IP options present but the overall packet length not being adjusted to reflect the length of those options. A remote attacker able to send a...
PT-2017-6647 · Netkvm +1 · Netkvm Windows Virtio Driver +1
Name of the Vulnerable Software and Affected Versions: NetKVM Windows Virtio driver affected versions not specified Description: The issue allows remote attackers to cause a denial of service, resulting in a guest crash. This can be achieved by sending a crafted IP packet with a length value that...
dhcp security update
CentOS Errata and Security Advisory CESA-2007:0970-01 An updated dhcp package that corrects a security flaw is now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The dhcp package provides the ISC...
Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/3064/info A boundary condition error exists in telnet daemons derived from the BSD telnet daemon. Under certain circumstances, the buffer overflow can occur when a combination of telnet protocol options are received by the daemon. The function...