EUVD-2006-1246

Malware in sbrugna...

CVE-2024-50154 tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0 in reqsktimerhandler. """ We are seeing a use-after-free from a bpf prog attached to tracetcpretransmitsynack. The program passes th...

CVE-2020-7451

CVE-2020-7451 affects FreeBSD: TCP servers sending or retransmitting IPv6 SYN-ACK (and challenge ACK) segments may disclose one byte of kernel memory due to Traffic Class not initialized. Affected: FreeBSD 12.1-STABLE before r358739, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r358740...

CVE-2006-1242

The ippushpendingframes function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan nmap -sI attack, which bypasses intended protections against such attacks...

Code injection

The ippushpendingframes function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan nmap -sI attack, which bypasses intended protections against such attacks...