370 matches found

NVD
added 3 hours ago, 6 views

CVE-2026-14258

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...

CVSS 6.5
Exploits: 0, References: 4

CVE
added 5 hours ago, 7 views

CVE-2026-14258

CVE-2026-14258 affects dhcpcd’s IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement with a zero-length ND option bypasses validation during packet storage and is reparsed with inadequate validation, causing the parser to enter a non-advancing loo...

CVSS 6.5, AI score 5.7
Exploits: 0, References: 4

NVD
added 2 days ago, 7 views

CVE-2026-7656

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

CVSS 8.1, EPSS 0.00232
Exploits: 0, References: 2

EUVD
added 2026/06/23 4:11 p.m., 6 views

EUVD-2026-38496

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

CVSS 7.1, AI score 5.8, EPSS 0.00187
Exploits: 0, References: 2

Cvelist
added 2026/06/19 7:18 p.m., 20 views

CVE-2026-48715 radvdump's Route Information Option Parser has a Stack Buffer Overflow

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, print_ff() copies up to 2032 bytes from attacker-controlled...

CVSS 7.7, EPSS 0.00203
Exploits: 0, References: 2

CVE
added 2026/06/19 7:18 p.m., 24 views

CVE-2026-48715

CVE-2026-48715 affects the radvdump utility shipped with radvd (prior to v2.21). The issue is a stack buffer overflow in the Route Information option parser: during processing of a crafted ICMPv6 Router Advertisement, print_ff() copies up to 2032 bytes from packet data into a 16-byte on-stack st...

CVSS 8.8, AI score 6.1, EPSS 0.00203
Exploits: 0, References: 2, Affected Software: 1

AlpineLinux
added 2026/06/19 7:18 p.m., 6 views

CVE-2026-48715

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, print_ff() copies up to 2032 bytes from attacker-controlled...

CVSS 8.8, AI score 6.1, EPSS 0.00203
Exploits: 0, References: 2

AstraLinux
added 2026/06/19 11:10 a.m., 7 views

Astra Linux – Vulnerability in libndp

A vulnerability was discovered in libndp. This flaw allows a local malicious user to trigger a buffer overflow in NetworkManager, by sending a malformed IPv6 router advertisement packet. This issue occurred because libndp did not properly validate the route length information...

CVSS 8.1, AI score 7.3, EPSS 0.01165
Exploits: 0, References: 2

RedhatCVE
added 2026/06/05 7:39 p.m., 16 views

CVE-2026-7426

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...

CVSS 8.1, AI score 6, EPSS 0.00246
Exploits: 0, References: 1

RedhatCVE
added 2026/06/05 7:39 p.m., 8 views

CVE-2026-7425

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smalle...

CVSS 6.5, AI score 5.5, EPSS 0.00233
Exploits: 0, References: 1

NVD
added 2026/04/29 8:16 p.m., 4 views

CVE-2026-7426

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...

CVSS 8.1, EPSS 0.00246
Exploits: 0, References: 4

NVD
added 2026/04/29 8:16 p.m., 13 views

CVE-2026-7425

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smalle...

CVSS 6.5, EPSS 0.00233
Exploits: 0, References: 4

CVE
added 2026/04/29 6:53 p.m., 11 views

CVE-2026-7426

The CVE-2026-7426 entry concerns the IPv6 Router Advertisement handling in FreeRTOS-Plus-TCP. Insufficient validation of the prefix length field in Router Advertisement processing allows memory corruption (heap buffer overflow) on the affected stack when processing RA messages. Affected versions ...

CVSS 8.1, AI score 5.9, EPSS 0.00246
Exploits: 0, References: 4, Affected Software: 1

Cvelist
added 2026/04/29 6:53 p.m., 33 views

CVE-2026-7426 Out-of-Bounds Write via Unsanitized Prefix Length in Router Advertisement Processing in FreeRTOS-Plus-TCP

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...

CVSS 8.1, EPSS 0.00246
Exploits: 0, References: 4

Vulnrichment
added 2026/04/29 6:53 p.m., 5 views

CVE-2026-7426 Out-of-Bounds Write via Unsanitized Prefix Length in Router Advertisement Processing in FreeRTOS-Plus-TCP

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...

CVSS 8.1, AI score 5.9, EPSS 0.00246
Exploits: 0, References: 4

EUVD
added 2026/04/29 6:52 p.m., 9 views

EUVD-2026-26283

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smalle...

CVSS 6.5, AI score 5.3, EPSS 0.00233
Exploits: 0, References: 3

Vulnrichment
added 2026/04/29 6:52 p.m., 5 views

CVE-2026-7425 Out-of-Bounds Read in Router Advertisement Option Parser in FreeRTOS-Plus-TCP

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smalle...

CVSS 6.5, AI score 5.3, EPSS 0.00233
Exploits: 0, References: 4

Cvelist
added 2026/04/29 6:52 p.m., 37 views

CVE-2026-7425 Out-of-Bounds Read in Router Advertisement Option Parser in FreeRTOS-Plus-TCP

Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash) by sending a crafted Router Advertisement with a truncated PREFIX_INFORMATION option that is smalle...

CVSS 6.5, EPSS 0.00233
Exploits: 0, References: 4

CVE
added 2026/04/29 6:52 p.m., 19 views

CVE-2026-7425

The CVE-2026-7425 issue affects FreeRTOS-Plus-TCP’s IPv6 Router Advertisement parser. In versions prior to V4.2.6 and V4.4.1, insufficient option length validation allows a crafted Router Advertisement with a truncated PREFIX_INFORMATION option to cause a device crash (DoS). The vulnerability is ...

CVSS 6.5, AI score 5.3, EPSS 0.00233
Exploits: 0, References: 4, Affected Software: 1

CNNVD
added 2026/04/29 12:00 a.m., 12 views

FreeRTOS-Plus-TCP Buffer Error Vulnerability

FreeRTOS-Plus-TCP is an extensible, open-source TCP/IP stack designed for use with FreeRTOS. Versions prior to V4.2.6 and V4.4.1 of FreeRTOS-Plus-TCP contained a buffer error vulnerability. This vulnerability stemmed from insufficient validation of the prefix length field during IPv6 router...

CVSS 8.1, AI score 6, EPSS 0.00246
Exploits: 0, References: 1