EUVD-2026-12095

Yamux vulnerable to remote Panic via malformed Data frame with SYN set and len = 262145...

CVE-2026-32314 Yamux remote Panic via malformed Data frame with SYN set and len = 262145

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULTCREDIT e.g. 262145. On the first packet of a new...

AZL-70144 CVE-2025-37861 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

PT-2023-25973 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG versions 4.9 and prior Description: The issue arises when the Contiki-NG network stack attempts to start the periodic TCP timer for a TCP packet with the SYN flag set without verifying that a full TCP header has been received. This...