8 matches found
CVE-2026-29007
CVE-2026-29007 affects U-Boot (versions up to 2026.04-rc3) with CONFIG_PROT_TCP enabled. The issue is an out-of-bounds read in tcp_rx_state_machine() (net/tcp.c) triggered by a crafted IP packet whose total length and TCP data offset fields are mismatched, e.g., IP length 40 bytes and TCP header ...
kernel: netfilter: xt_tcpmss: check remaining length before reading optlen
A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987131)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987131 advisory. In the Linux kernel, the following vulnerability has been resolved: schcake: Fix out of bounds when parsing TCP options and header The TCP option parser in cake qdis...
Security update for kernel-livepatch-MICRO-6-0_Update_5
This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: CVE-2024-57882: mptcp: fix TCP options overflow. bsc1235916 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...
UBUNTU-CVE-2021-47244
In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix out of bounds when parsing TCP options The TCP option parser in mptcp mptcpgetoptions could read one byte out of bounds. When the length is 1, the execution flow gets into the loop, reads one byte of the opcode, and if...
UBUNTU-CVE-2021-47245
In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: Fix out of bounds when parsing TCP options The TCP option parser in synproxy synproxyparseoptions could read one byte out of bounds. When the length is 1, the execution flow gets into the loop, reads one byte...
Suricata 安全漏洞
Suricata is a suite of network Intrusion Detection Systems IDS, Intrusion Prevention Systems IPS, and network security monitoring engines developed by the Open Information Security Foundation OISF and its supporting vendors, which supports multi-threading, built-in IPv6, and the ability to load...
Wind River Systems VxWorks Parameter Denial of Service Vulnerability
Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. An attacker could exploit this vulnerability to cause a denial of service via malformed TCP options...