CVE-2026-2379 Arista EOS IPsec Tunnel Sequence Number Mismatch via Interface Flaps when Anti-Replay is Disabled

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

CVE-2020-1749 - A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

The vulnerability of IPv6 network protocol implementations in the Linux operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of IPv6 network protocol implementations in the Linux operating system’s kernel is related to the lack of protection for data transmitted through the IPsec tunnel. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to...

The vulnerability of Junos OS router devices of the SRX Series, related to IP packet processing errors, allows attackers to cause service interruptions.

The vulnerability of the Junos OS router series lies in errors in the processing of IP packets passing through the IPsec tunnel. Exploiting this vulnerability can allow a malicious actor to cause service interruptions from a remote location...

DUHK Attack against Fortinet Products

When devices use ANSI X9.31 RNG which was removed from the list of FIPS-approved random number generation algorithms in January 2016 to generate cryptographic key under a static seed and under use with long-lived security tunnels like SSL/TLS/SSH/IPSec, such devices are vulnerable to the DUHK...