12 matches found
OESA-2026-1948 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a...
EUVD-2025-203789
In the Linux kernel, the following vulnerability has been resolved: mptcp: Initialise rcvmss before calling tcpsendactivereset in mptcpdofastclose. syzbot reported divide-by-zero in tcpselectwindow by MPTCP socket. 0 We had a similar issue for the bare TCP and fixed in commit 499350a5a6e7 "tcp:...
BIT-LOGSTASH-2025-37730 Logstash Improper Certificate Validation in TCP output
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle MitM attack in “client” mode, as hostname verification in TCP output was not being performed when the sslverificationmode = full was set...
CVE-2025-37730
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle MitM attack in “client” mode, as hostname verification in TCP output was not being performed when the sslverificationmode = full was set...
CVE-2025-37730 Logstash Improper Certificate Validation in TCP output
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle MitM attack in “client” mode, as hostname verification in TCP output was not being performed when the sslverificationmode = full was set...
CVE-2025-37730 Logstash Improper Certificate Validation in TCP output
Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle MitM attack in “client” mode, as hostname verification in TCP output was not being performed when the sslverificationmode = full was set...
CVE-2025-37730
CVE-2025-37730 concerns improper certificate validation in Logstash’s TCP output, enabling MitM in “client” mode due to hostname verification not occurring when ssl_verification_mode is set to full. Affected component is the Logstash TCP output plugin (logstash-output-tcp). The root cause is lack...
The vulnerability of the `tcp_can_coalesce_send_queue_head()` function in the `net/ipv4/tcp_output.c` module of the Linux kernel allows a attacker to cause a service failure.
The vulnerability of the tcpcancoalescesendqueuehead function in the net/ipv4/tcpoutput.c module of the Linux kernel is associated with code errors. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
SUSE CVE-2019-15239
In the Linux kernel, a certain net/ipv4/tcpoutput.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting...
Oracle Linux 7 : kernel (ELSA-2019-3979)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3979 advisory. - drm drm/i915/cmdparser: Fix jump whitelist clearing Dave Airlie 1756882 1756883 CVE-2019-0155 - drm drm/i915: Lower RM timeout to avoid DSI hard hang...
Design/Logic Flaw
In the Linux kernel, a certain net/ipv4/tcpoutput.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting...
UBUNTU-CVE-2019-15239
In the Linux kernel, a certain net/ipv4/tcpoutput.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting...