22 matches found
EUVD-2026-30135
A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...
SUSE-SU-2026:21559-1 Security update for wireshark
This update for wireshark fixes the following issues:
- CVE-2026-3201: missing limit checks in USB HID protocol dissector's parse_report_descriptor function can lead to memory exhaustion (bsc#1258907).
- CVE-2026-3203: missing length checks in the RF4CE Profile protocol dissector can lead to illegal...
PT-2026-37409
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A null pointer dereference exists in the icmp_build_probe function. This occurs when the IPv6 stack is not active, specifically when CONFIG_IPV6=m and not loaded, causing ipv6 stub-ipv6 d...
CVE-2026-29004
BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNSSERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent attackers to trigger memory corruption by sending a crafted DHCPv6 response with a malformed D6OPTDNSSERVER...
EUVD-2026-26999
An out-of-bounds read in the ParseIP6Extended function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix for a lockdep issue in in6_dump_addrs. According to reports from syzbot, we should not use rcu_dereference when rcu_read_lock is not held. WARNING: Suspicious RCU usage. 5.19.0-rc2-syzkaller 0 Not tainted...
CVE-2025-67188
A buffer overflow vulnerability exists in TOTOLINK A950RG V4.1.2cu.5204B20210112. The issue resides in the setRadvdCfg interface of the /lib/cstemodules/ipv6.so module. The function fails to properly validate the length of the user-controlled radvdinterfacename parameter, allowing remote attacker...
LSN-0115-1: Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr (CVE-2024-27407). In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put. syzbot reported that nf_reject_ip6_tcphdr_put was...
Suricata IDPE 7.0.11
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and...
CVE-2023-30903
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6...
PT-2025-6804 · Schneider Electric · Enerlin'X Ife Interface
Name of the Vulnerable Software and Affected Versions: Schneider Electric - Enerlin’X IFE interface LV434001, versions: All. Description: A Denial-of-Service issue exists due to improper input validation, which can be triggered by sending malicious IPv6 packets to the device. This could cause the...
ipv6: prevent possible NULL deref in fib6_nh_init()
...
The vulnerability of the UDPv6 network protocol implementation in Linux operating systems allows attackers to trigger a service failure.
The vulnerability of the UDPv6 network protocol implementation in Linux operating systems is related to concurrent access to the dst_entry structure during a race condition, due to the lack of synchronization in the sk_setup_caps function within the net/core/sock.c module. Exploiting this...
The vulnerability of the IPv6 protocol implementation in Linux operating systems allows a hacker to cause a service failure.
The vulnerability of the IPv6 protocol implementation in Linux operating systems is related to uncontrolled resource consumption during the processing of hash tables. Exploiting this vulnerability allows a remote attacker to cause service interruptions by sending numerous SYN requests...
AZL-34781 CVE-2023-31130 affecting package grpc for versions less than 1.62.0-2
c-ares is an asynchronous resolver library. ares_inet_net_pton is vulnerable to a buffer underflow for certain IPv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...
SUSE CVE-2010-4563
The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping...
CVE-2020-1603
Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE. Instead, the RE allows these specific IPv6 packets to egress the RE, at which point a mbuf memory leak occurs within the...
kernel: net: IPv6 fragmentation implementation of nexthdr field may be associated with an invalid option
The IPv6 fragmentation implementation in the Linux kernel does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send syste...
The vulnerability of the Simple Network Management Protocol (SNMP) subsystem of the Cisco IOS operating system, which allows a hacker to inject code or trigger a system reboot.
Many vulnerabilities in the Simple Network Management Protocol (SNMP) subsystem of the Cisco IOS operating system are caused by buffer overflows. Exploitation of these vulnerabilities allows a malicious actor to inject code into the system or cause it to restart by sending specially created SNMP...
UBUNTU-CVE-2016-10142
An issue was discovered in the IPv6 protocol specification, related to ICMP Packet Too Big (PTB) messages. The scope of this CVE is all affected IPv6 implementations from all vendors. The security implications of IP fragmentation have been discussed at length in RFC6274 and RFC7739. An attacker can...