CVE-2025-55092

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxipv4optionprocess when processing an IPv4 packet with the timestamp option...

CVE-2025-55092

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxipv4optionprocess when processing an IPv4 packet with the timestamp option...

CVE-2025-55092

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxipv4optionprocess when processing an IPv4 packet with the timestamp option...

CVE-2025-55092

CVE-2025-55092 affects Eclipse Foundation NetX Duo prior to 6.4.4, a networking stack for Eclipse ThreadX. The issue is a potential out-of-bounds read in the IPv4 handling path: in the function _nx_ipv4_option_process(), triggered when processing an IPv4 packet with the timestamp option. The Red ...

EUVD-2025-34873

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxipv4optionprocess when processing an IPv4 packet with the timestamp option...

CVE-2025-55092 Potential out of bound read in _nx_ipv4_option_process()

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxipv4optionprocess when processing an IPv4 packet with the timestamp option...

CVE-2025-55092 Potential out of bound read in _nx_ipv4_option_process()

In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxipv4optionprocess when processing an IPv4 packet with the timestamp option...

Eclipse ThreadX NetX Duo 安全漏洞

Eclipse ThreadX NetX Duo is an IPv4 and IPv6 dual network stack for Eclipse ThreadX open source. A security vulnerability exists in Eclipse ThreadX NetX Duo versions prior to 6.4.4, which stems from the processing of IPv4 packets with a timestamp option that can lead to out-of-bounds reads...

EUVD-2000-0439

Malware in sbrugna...

SUSE CVE-2006-0454

Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmpsend, does not properly handle when the ipoptionsecho function in icmp.c fails, which allows remote attackers to cause a denial of service crash via vectors such as 1 record-route and 2 timestamp IP options wi...

SUSE CVE-2018-1046

pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. In the dnsreplay tool provided with PowerDNS Authoritative, replaying a specially crafted PCAP file can trigger a stack-based buffer overflow, leading to a crash and potentially arbitrary code execution. This buffer overfl...

DEBIAN-CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

UBUNTU-CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

PT-2020-6918 · Suricata · Suricata

Name of the Vulnerable Software and Affected Versions: Suricata version 5.0.0 Description: A problem was discovered in Suricata where it is possible to bypass or evade any TCP-based signature by faking a closed TCP session using a malicious server. After the TCP SYN packet, it is possible to inje...

UBUNTU-CVE-2019-16411

An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o-len data + 3" places one beyond the 3 bytes, because the...

Multiple Vendor TCP Timestamp Option Denial of Service attack - Ver2 (CVE-2005-0356)

A denial-of-service vulnerability has been reported in multiple products. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

CVE-2005-0740

The TCP stack tcpinput.c in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service system panic via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout...