Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2026-53183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not...

7.5CVSS6.2AI score0.00506EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:15 a.m.6 views

mptcp: allow subflow rcv wnd to shrink

...

7.5CVSS5.8AI score0.00506EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/26 10:50 a.m.10 views

CVE-2026-53183

A flaw was found in the Linux kernel's Multipath TCP MPTCP implementation. This vulnerability occurs because the TCP stack independently manages the TCP-level receive window, which can lead to an artificial inflation of the MPTCP receive window. A remote attacker could exploit this by sending...

7.5CVSS6AI score0.00506EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53183

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

7.5CVSS0.00506EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53183

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

8.7CVSS5.7AI score0.00506EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 8:38 a.m.6 views

EUVD-2026-39274

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

5.7AI score0.00506EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.30 views

CVE-2026-53183 mptcp: allow subflow rcv wnd to shrink

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

7.5CVSS0.00506EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53183

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

7.5CVSS5.7AI score0.00506EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:38 a.m.24 views

CVE-2026-53183

CVE-2026-53183 affects the Linux kernel MPTCP implementation. The issue allows the TCP subflow receive window to shrink independently of the netns, which can inflate the MPTCP receive window and cause incoming data to exceed the receiver’s rcvbuf, potentially leading to DoS or a system becoming u...

7.5CVSS5.7AI score0.00506EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/06/25 8:38 a.m.1 views

CVE-2026-53183 mptcp: allow subflow rcv wnd to shrink

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.4 views

PT-2026-52279

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Multipath TCP MPTCP implementation where the window field in the TCP header refers to the MPTCP-level rcv nxt. Because the TCP stack independently prevents the...

8.7CVSS6AI score0.00506EPSS
Exploits0References20
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Networks: TLS – Avoid hanging tasks when using txlock. The syzbot reported a situation where tasks were hung. Eric explains that the adversarial receiver may keep RWIN at 0 for a long time, so we cannot guarantee progress. Thread...

5.9AI score0.0018EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/16 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-68291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...

6.2AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39495

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00616EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31585

Malicious code in bioql PyPI...

6.6AI score0.00312EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/30 12:45 a.m.14 views

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

6.9AI score0.00312EPSS
Exploits0References1
NVD
NVD
added 2025/09/29 5:15 p.m.9 views

CVE-2025-56234

ATNA2000 from Nanda Automation Technology vendor has a denial-of-service vulnerability. For the processing of TCP RST packets, PLC ATNA2000 has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within...

7.5CVSS0.00312EPSS
Exploits0References1
CVE
CVE
added 2025/09/29 12:0 a.m.15 views

CVE-2025-56233

CVE-2025-56233 affects Openindiana kernel SunOS 5.11. TCP processing of RST/SYN allows a wide range of sequence numbers within the receive window, breaking RFC 5961. This can enable an attacker to send multiple random RST/SYN packets and cause denial of service by disrupting legitimate connection...

7.5CVSS6.3AI score0.00312EPSS
Exploits0References1
CVE
CVE
added 2025/09/29 12:0 a.m.13 views

CVE-2025-56234

CVE-2025-56234 affects Nanda Automation Technology’s AT NA2000 PLC. The root cause is improper handling of TCP RST packets, accepting a broad range of sequence numbers within the receive window rather than requiring an exact match (RFC 5961). This enables an attacker to send numerous random TCP R...

7.5CVSS6.5AI score0.00312EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.6 views

PT-2025-39844

Name of the Vulnerable Software and Affected Versions Openindiana, kernel SunOS 5.11 Description The software exhibits a denial of service condition due to improper handling of TCP packets. Specifically, when processing TCP packets with the RST or SYN flag set, the system accepts a wide range of...

7.5CVSS6.4AI score0.00312EPSS
Exploits0References4
Rows per page
Query Builder