Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: In tcp, use refcountincnotzero in tcptwskunique. Anderson Nascimento reported a use-after-free issue in tcptwskunique, with a detailed analysis. Since the commit ec94c2696f0b „tcp/dccp: avoid one atomic operation for timewait...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net: Use sockgenput when skstate is TCPTIMEWAIT. It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...

Siemens SIMATIC Devices Use After Free (CVE-2024-36904)

In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcountincnotzero in tcptwskunique. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

Overcoming TCP/IP Connection Limits with PgBouncer and PostgreSQL on Windows

Challenge When running PgBouncer and PostgreSQL on Windows, especially under high-load scenarios with frequent connect/disconnect cycles, you may encounter exhaustion of available TCP ports. This is due to many connections ending up in the TIMEWAIT state, preventing immediate reuse of those ports...

Linux Distros Unpatched Vulnerability : CVE-2025-37894

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct...

DEBIAN-CVE-2025-37894

In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...

UBUNTU-CVE-2025-37894

In the Linux kernel, the following vulnerability has been resolved: net: use sockgenput when skstate is TCPTIMEWAIT It is possible for a pointer of type struct inettimewaitsock to be returned from the functions inetlookupestablished and inet6lookupestablished. This can cause a crash when the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper socket release in the TCPTIMEWAIT state, which could lead to a crash...

PT-2025-22156 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue arises when a pointer of type struct inet timewait sock is returned from the functions inet lookup established and inet...

OESA-2024-2181 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcountincnotzero in tcptwskunique. Anderson Nascimento reported a use-after-free splat in tcptwskunique with nice analysis. Since commit ec94c2696f0b...

SUSE CVE-2024-36904

In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcountincnotzero in tcptwskunique. Anderson Nascimento reported a use-after-free splat in tcptwskunique with nice analysis. Since commit ec94c2696f0b "tcp/dccp: avoid one atomic operation for timewait hashdance",...

CVE-2024-36904 tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().

In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcountincnotzero in tcptwskunique. Anderson Nascimento reported a use-after-free splat in tcptwskunique with nice analysis. Since commit ec94c2696f0b "tcp/dccp: avoid one atomic operation for timewait hashdance",...

DEBIAN-CVE-2021-46936

In the Linux kernel, the following vulnerability has been resolved: net: fix use-after-free in twtimerhandler A real world panic issue was found as follow in Linux 5.4. BUG: unable to handle page fault for address: ffffde49a863de28 PGD 7e6fe62067 P4D 7e6fe62067 PUD 7e6fe63067 PMD f51e064067 PTE 0...

The vulnerability of the NX-OS network operating system allows a hacker to induce a maintenance failure.

The vulnerability of the NX-OS network operating system is related to resource management errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure TCP stack reboot by sending TCP packets to the device during the TIMEWAIT TCP session...

Cisco NX-OS Software Denial of Service Vulnerability (CNVD-2016-01460)

Cisco NX-OS is a data center-class operating system. A security vulnerability exists in the TCP stack of Cisco NX-OS Software that originates from the incorrect handling of packets within a TCP session when the affected device is in the TIMEWAIT state. Exploitation of this vulnerability by an...