Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: tls: Avoid hanging tasks when using txlock. The syzbot reported a situation where tasks were hung. Eric explained that the adversarial receiver may keep RWIN at 0 for a long time, so we cannot guarantee progress. Threads tha...

Linux Distros Unpatched Vulnerability : CVE-2025-68291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...

EUVD-2025-31585

Malicious code in bioql PyPI...

EUVD-2022-39495

Malicious code in bioql PyPI...

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

PT-2025-39838

Name of the Vulnerable Software and Affected Versions Nanda Automation Technology AT NA2000 affected versions not specified Description The AT NA2000 Programmable Logic Controller PLC exhibits a denial-of-service condition. The device improperly handles TCP RST packets, accepting a broad range of...

CVE-2025-56234

CVE-2025-56234 affects Nanda Automation Technology’s AT NA2000 PLC. The root cause is improper handling of TCP RST packets, accepting a broad range of sequence numbers within the receive window rather than requiring an exact match (RFC 5961). This enables an attacker to send numerous random TCP R...

CVE-2025-56233

Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be with...

CVE-2025-56233

Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be with...

PT-2025-39844

Name of the Vulnerable Software and Affected Versions Openindiana, kernel SunOS 5.11 Description The software exhibits a denial of service condition due to improper handling of TCP packets. Specifically, when processing TCP packets with the RST or SYN flag set, the system accepts a wide range of...

CVE-2025-56233

CVE-2025-56233 affects Openindiana kernel SunOS 5.11. TCP processing of RST/SYN allows a wide range of sequence numbers within the receive window, breaking RFC 5961. This can enable an attacker to send multiple random RST/SYN packets and cause denial of service by disrupting legitimate connection...

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12260)

This vulnerability could lead to a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible to...

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12261)

The impact of this vulnerability is a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible t...

Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Summary Attack scenario The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended to this vector. This can be remotely triggered in a numbe...

PT-2024-25032 · Yamux · Yamux

Name of the Vulnerable Software and Affected Versions: Yamux affected versions not specified Description: Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames, which is not bounded...

kernel: net: tls: avoid hanging tasks on the tx_lock

A denial-of-service flaw was found in the Linux kernel's TLS implementation. An adversarial network receiver can keep the TCP receive window RWIN at zero for extended periods, causing a thread holding the txlock to sleep indefinitely. Other tasks waiting for this lock become hung, leading to syst...

SUSE CVE-2009-1926

Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service TCP outage via a series of TCP sessions that have pending data and a 1 small or 2 zero receive window size, and remain in the...

CVE-2022-36795

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connectio...

CVE-2022-36795 BIG-IP software SYN cookies vulnerability CVE-2022-36795

In BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, and 14.1.x before 14.1.5.1, when an LTM TCP profile with Auto Receive Window Enabled is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connectio...