151 matches found
CVE-2026-46099
A flaw was found in the Linux kernel's IPv6 networking implementation, specifically within the seg6 and rpl lwtunnels. A race condition can occur when handling destination cache entries, where a NOREF no reference destination object is used after it has been freed. This use-after-free vulnerabili...
CVE-2026-46099
In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...
CVE-2026-46099
net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6init is incorrect when the CONFIGIPV6SEG6LWTUNNEL configuration option is not defined. In such cases, if seg6hmacinit fails, genlunregisterfamily will not be calle...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: sr – fixed possible use-after-free and nullptrderef issues. The pernet operations structure for the subsystem must be registered before registering the generic netlink family...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021600)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021600 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing skbuff release in seg6inputcore The seg6input function is responsible for...
SUSE CVE-2026-28532
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16t accumulator variable truncates uint32t values returned by the TLVSIZE macro, causing the loop termination condition to fail while pointer...
GoBGP has an Improper Resource Shutdown or Release
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
CVE-2026-7734
A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefixsid.go of the component SRv6 L3 Service. Such manipulation of the argument data leads to denial of service. The attack may be performed from...
PT-2026-36763
Name of the Vulnerable Software and Affected Versions osrg GoBGP versions prior to 4.4.0 Description A remote denial of service can occur in the SRv6 L3 Service component. The issue exists within the SRv6L3ServiceAttribute.DecodeFromBytes function located in the pkg/packet/bgp/prefix sid.go file,...
GoBGP 安全漏洞
GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained security vulnerabilities. These vulnerabilities stemmed from a function in the SRv6 L3 Service component called pkg/packet/bgp/prefixsid.go. The function...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: Fix the issue of failing to release the skbuff in seg6inputcore. The seg6input function is responsible for adding the SRH into a packet, delegating this operation to seg6inputcore. This function uses skbcowhead to ensur...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix out-of-bounds read when setting HMAC data. The SRv6 layer allows defining HMAC data that can later be used to sign IPv6 Segment Routing Headers. This configuration is realised via netlink through four attributes:...
Astra Linux - уязвимость в linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: seg6: Fixed validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not exceed the specified limit. This could lead to the kernel reading uninitialized memory if the use...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
A out-of-bounds read vulnerability was discovered in the SR-IPv6 implementation within the Linux kernel. The flaw arises from the processing of seg6 attributes. The issue stems from the improper validation of user-provided data, which can lead to reading data beyond the bounds of an allocated...
DEBIAN-CVE-2026-28532
FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16t accumulator variable truncates uint32t values returned by the TLVSIZE macro, causing the loop termination condition to fail while pointer...
CVE-2026-28532
FRRouting before 10.5.3 is affected by an integer overflow in seven OSPF Traffic Engineering and Segment Routing TLV parser functions. A uint16_t accumulator truncates uint32_t values returned by TLV_SIZE(), causing the loop termination condition to fail while pointer advancement continues. An at...
PT-2026-36172
Name of the Vulnerable Software and Affected Versions FRRouting versions prior to 10.5.3 Description An integer overflow exists in seven OSPF Traffic Engineering and Segment Routing TLV parser functions. A uint16 t accumulator variable truncates uint32 t values returned by the TLV SIZE macro, whi...
FRRouting 缓冲区错误漏洞
FRouting is an open-source network routing software suite developed for Unix-like platforms. Versions of FRRouting prior to 10.5.3 contained a buffer error vulnerability. This vulnerability stemmed from integer overflows in seven OSPF traffic engineering and segment routing TLV parser functions...
Juniper Junos OS Vulnerability (JSA83015)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83015 advisory. - An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sendin...