CVE-2025-12131

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service...

CVE-2025-12131

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service...

CVE-2025-12131

CVE-2025-12131 describes a vulnerability in handling of truncated 802.15.4 packets that can trigger an assertion and cause a denial of service. Documents reference an adjacent attacker vector and low attack complexity, with exposure tied to 802.15.4 packet processing; exploitation status is not p...

CVE-2025-12131 Truncated 802.15.4 packet leads to denial of service

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service...

CVE-2025-12131 Truncated 802.15.4 packet leads to denial of service

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service...

EUVD-2025-206827

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service...

CVE-2025-12131

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service...

PT-2026-6628

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2023-37459 Out-of-bounds read when processing a received IPv6 packet

Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when a packet is received, the Contiki-NG network stack attempts to start the periodic TCP timer if it is a TCP packet with the SYN flag set. But the implementation does not first verify that a full TCP...

PT-2023-25973 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG versions 4.9 and prior Description: The issue arises when the Contiki-NG network stack attempts to start the periodic TCP timer for a TCP packet with the SYN flag set without verifying that a full TCP header has been received. This...

SUSE: Security Advisory (SUSE-SU-2018:0112-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : openssl-steam (openSUSE-2018-168)

This update for openssl-steam fixes the following issues : - Merged changes from upstream openssl Factory rev 137 into this fork for Steam. Updated to openssl 1.0.2k : - CVE-2016-7055: Montgomery multiplication may produce incorrect results boo1009528 - CVE-2016-7056: ECSDA P-256 timing attack ke...

CVE-2017-3731

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...

CVE-2017-3731

CVE-2017-3731 describes an out-of-bounds read/crash in SSL/TLS when running on 32-bit hosts using certain ciphers. Public sources in the connected documents show multiple vendors referencing OpenSSL in affected configurations: on OpenSSL 1.1.0, CHACHA20/POLY1305 can trigger the crash; on OpenSSL ...

openssl: Truncated packet could crash via OOB read

An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite...

Vulnerability in OpenSSL - Truncated packet could crash via OOB read

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; user...

squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a crafted DNS packet that only contains a header...