26 matches found
SUSE CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
EUVD-2026-32371
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
UBUNTU-CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905 xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905
CVE-2026-45905 : In the Linux kernel, a race in icmp_route_lookup’s reverse path can cause an ICMP output path to select a LOCAL route due to a faulty call to ip_route_input(). Specifically, during reverse-path handling, ip_route_input() may receive fl4_dec.daddr as destination and return a LOCAL...
CVE-2026-45905
xfrm: fix iprtbug race in icmproutelookup reverse path...
Linux Distros Unpatched Vulnerability : CVE-2026-45905
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages,...
PT-2026-43772
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the icmp route lookup function during the reverse path process for sending ICMP error messages with XFRM IPsec policies. When the system acts as a forwarding...
Enable Reverse Path Filtering
Setting net.ipv4.conf.all.rpfilter and net.ipv4.conf.default.rpfilter to 1 forces the Linux kernel to perform reverse path filtering on a received packet and check the validity of its source address. If the Linux kernel queries the routing table in which the source address is included and finds...
Linux Bug Opens Most VPNs to Hijacking
A vulnerability in most Linux distros has been uncovered that allows a network-adjacent attacker to hijack VPN connections and inject rogue data into the secure tunnels that victims are using to communicate with remote servers. According to researchers at University of New Mexico and Breakpointin...
New Linux Bug Lets Attackers Hijack Encrypted VPN Connections
A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The...
PT-2019-5065
Name of the Vulnerable Software and Affected Versions Linux affected versions not specified FreeBSD affected versions not specified OpenBSD affected versions not specified MacOS affected versions not specified iOS affected versions not specified Android affected versions not specified Description...
Linux: Reverse path filtering
Reverse Path Filtering is a process to confirm that a receiving packet source address is routable. If enabled, a not routable packet is dropped. This script tests whether the Linux host is configured to drop not routable packets. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions...
Cisco ASA Unicast Reverse Path Forwarding (uRPF) Bypass Vulnerability
No description provided by source...
The vulnerability of Cisco Adaptive Security Appliance’s network firewall, which allows attackers to bypass the uPRF inspection mechanism
The vulnerability of the Unicast Reverse Path Forwarding uRPF protection mechanism in Cisco Adaptive Security Appliances exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass the uRPF mechanism, which is designed to protect against I...
Cisco ASA uRFP Bypass Vulnerability (Cisco-SA-20150812-CVE-2015-4321)
Cisco ASA is prone to a Unicast Reverse Path Forwarding Bypass vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...
Design/Logic Flaw
The Unicast Reverse Path Forwarding uRPF implementation in Cisco Adaptive Security Appliance ASA Software 9.31.50, 9.32.100, 9.33, and 9.41 mishandles cases where an IP address belongs to an internal interface but is also in the ASA routing table, which allows remote attackers to bypass uRPF...
Cisco ASA uRPF Checksum Bypass Vulnerability
The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. The Cisco Adaptive Security Appliance uRPF has a security vulnerability. Due to failure to properly verify the uRPF of an external interface IP message, if the IP address...