Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - net: tls: avoiding hanging tasks on the txlock The syzbot reported a situation where tasks were hung. Eric explained that the adversarial receiver may keep RWIN at 0 for a long time, so we cannot guarantee progress. Threads...

Linux Distros Unpatched Vulnerability : CVE-2025-68291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...

EUVD-2025-31585

Malicious code in bioql PyPI...

EUVD-2022-39495

Malicious code in bioql PyPI...

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

CVE-2025-56233

Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be with...

CVE-2025-56233

CVE-2025-56233 affects Openindiana kernel SunOS 5.11. TCP processing of RST/SYN allows a wide range of sequence numbers within the receive window, breaking RFC 5961. This can enable an attacker to send multiple random RST/SYN packets and cause denial of service by disrupting legitimate connection...

PT-2025-39838

Name of the Vulnerable Software and Affected Versions Nanda Automation Technology AT NA2000 affected versions not specified Description The AT NA2000 Programmable Logic Controller PLC exhibits a denial-of-service condition. The device improperly handles TCP RST packets, accepting a broad range of...

CVE-2025-56234

CVE-2025-56234 affects Nanda Automation Technology’s AT NA2000 PLC. The root cause is improper handling of TCP RST packets, accepting a broad range of sequence numbers within the receive window rather than requiring an exact match (RFC 5961). This enables an attacker to send numerous random TCP R...

PT-2025-39844

Name of the Vulnerable Software and Affected Versions Openindiana, kernel SunOS 5.11 Description The software exhibits a denial of service condition due to improper handling of TCP packets. Specifically, when processing TCP packets with the RST or SYN flag set, the system accepts a wide range of...

CVE-2025-56233

Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be with...

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12261)

The impact of this vulnerability is a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible t...

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12260)

This vulnerability could lead to a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible to...

Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Summary Attack scenario The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended to this vector. This can be remotely triggered in a numbe...

PT-2024-25032 · Yamux · Yamux

Name of the Vulnerable Software and Affected Versions: Yamux affected versions not specified Description: Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames, which is not bounded...

kernel: net: tls: avoid hanging tasks on the tx_lock

A denial-of-service flaw was found in the Linux kernel's TLS implementation. An adversarial network receiver can keep the TCP receive window RWIN at zero for extended periods, causing a thread holding the txlock to sleep indefinitely. Other tasks waiting for this lock become hung, leading to syst...

SUSE CVE-2009-1926

Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service TCP outage via a series of TCP sessions that have pending data and a 1 small or 2 zero receive window size, and remain in the...

CVE-2022-36795

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connectio...

CVE-2022-36795 BIG-IP software SYN cookies vulnerability CVE-2022-36795

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connectio...