Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: SCTP: Added mutual exclusion in procsctpdoudpport. We must serialize calls to sctpudpsockstop and sctpudpsockstart, or risk a crash, as syzbot reported: Oops: General protection fault, likely due to a non-canonical address...

Astra Linux - уязвимость в net-snmp

The handleipDefaultTTL in agent/mibgroup/ip-mib/ipscalars.c in Net-SNMP versions 5.8 through 5.9.3 has a NULL Pointer Exception bug. This bug can be exploited by a remote attacker who has write access to cause the instance to crash via a crafted UDP packet, resulting in a Denial of Service attack...

Astra Linux - уязвимость в linux, linux-5.10

A flaw in the processing of received ICMP errors such as ICMP fragments and ICMP redirections within the Linux kernel’s functionality was identified. This flaw allows an off-path remote user to quickly scan open UDP ports. This vulnerability enables a remote user to bypass the UDP source port...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: udp: Do not accept non-tunnel GSO packets that land in a tunnel. When rx-udp-gro-forwarding is enabled, UDP packets may be forwarded in a way that causes them to land in a tunnel. This can lead to various issues. udpgroreceive...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dropping UFO packets in udprcvSegment When sending a packet with virtionetHdr to the tun device, if the gsotype in virtionetHdr is SKBGSOUDP and the gsoSize is less than udphdrSize, a crash may occur. ------------ cut here...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: udplite: Fixed null-ptr-deref in udpenqueuescheduleskb. syzbot reported null-ptr-deref of udpsksk-udpprodqueue. 0 Since the referenced commit, udplibinitsock may fail, as may udpinitsock and udpv6initsock. We need to handle th...

corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet

A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...

corosync: Corosync: Denial of Service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

Moderate: Red Hat Security Advisory: corosync security update

An update for corosync is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

[SECURITY] Fedora 42 Update: coturn-4.11.0-1.fc42

The Coturn TURN Server is a VoIP media traffic NAT traversal server and gatew ay. It can be used as a general-purpose network traffic TURN server/gateway, too. This implementation also includes some extra features. Supported RFCs: TURN specs: - RFC 5766 - base TURN specs - RFC 6062 - TCP relaying...

Fedora 42 : coturn (2026-dfa8ea5809)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-dfa8ea5809 advisory. Coturn 4.11.0 - Fix prometheus response memory leak introduced in 4.10.0 - Use constant-time compare for STUN MESSAGE-INTEGRITY HMAC - Fix format-string...

CLSA-2026-1778896895 kernel: Fix of 2 CVEs

ptrace: require CAPSYSPTRACE when task has no mm - net: udpoffload: propagate SKBFLSHAREDFRAG in skbgroreceivelist CVE-2026-46300 - can: raw: fix ro-uniq use-after-free in rawrcv CVE-2026-31532...

GHSA-RC6V-5RMX-W5MV arnika is affected by medium-severity issues in UDP rotation, PQC handling, and KMS TLS

Summary Three medium-severity issues in arnika affecting the UDP key-rotation protocol, PQC key file handling, and KMS TLS client. All require specific preconditions to exploit and do not allow direct code execution or immediate key extraction. A self-contained PoC is attached. Details 1 ACK...

TencentOS Server 4: kernel (TSSA-2026:0313)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0313 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

EUVD-2026-29990

When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-42920

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-41956

When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-41956 BIG-IP TMM Vulnerability

When a classification profile is configured on a UDP virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2026-42920

CVE-2026-42920 affects BIG-IP DTLS: when a Client SSL profile has Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, resulting in a DoS as TMM restarts. The F5 advisory notes this is a data-plane issue with rem...

CVE-2026-42920 BIG-IP DTLS Vulnerability

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...