Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: gtp: Fixed the list corruption issue in gtpnetexitbatchrtnl. Brad Spengler reported the listdel corruption issue in gtpnetexitbatchrtnl. 0 The commit eb28fd76c0a0 “gtp: Destroy the device along with the udp socket’s netns...

CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

CVE-2026-7473 Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding Bypass

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255577. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256097...

CVE-2026-23120

In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...

EUVD-2022-27382

Malicious code in bioql PyPI...

EUVD-2023-24251

Malicious code in bioql PyPI...

CVE-2021-32593

A use of a broken or risky cryptographic algorithm vulnerability CWE-327 in the Dynamic Tunnel Protocol of FortiWAN before 4.5.9 may allow an unauthenticated remote attacker to decrypt and forge protocol communication messages...

UBUNTU-CVE-2025-21865

In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtpnetexitbatchrtnl. Brad Spengler reported the listdel corruption splat in gtpnetexitbatchrtnl. 0 Commit eb28fd76c0a0 "gtp: Destroy device along with udp socket's netns dismantle." added th...

UBUNTU-CVE-2025-21678

In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtpnewlink links the device to a list in devnetdev instead of srcnet, where a udp tunnel socket is created. Even when srcnet is removed, the device stays alive on...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a tunnel reference count underflow issue in the l2tp component...

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

Design/Logic Flaw

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

The vulnerability of the packet processing and fragmentation mechanism in Cisco IOS XE tunnel protocol allows a attacker to trigger a service failure.

The vulnerability of the packet processing and fragmentation mechanism in Cisco IOS XE operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2023-20072 Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

CVE-2023-20072 Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

PT-2023-1888 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the fragmentation handling code of tunnel protocol packets could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting ...