24 matches found
MiracleLinux 4 : kernel-2.6.32-696.3.1.el6 (AXSA:2017-1700:04)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1700:04 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002770)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002770 advisory. The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001619)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001619 advisory. The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via...
EUVD-2020-9390
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-6214
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft locku...
UBUNTU-CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
Huawei EulerOS: Security Advisory for open-iscsi (EulerOS-SA-2023-2453)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for open-iscsi (EulerOS-SA-2023-2478)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.10.0 : open-iscsi (EulerOS-SA-2023-2478)
According to the versions of the open-iscsi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, an...
EulerOS Virtualization 2.10.1 : open-iscsi (EulerOS-SA-2023-2453)
According to the versions of the open-iscsi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, an...
SUSE CVE-2017-6214
The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag...
SUSE CVE-2020-17437
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by...
EulerOS Virtualization 3.0.2.2 : iscsi-initiator-utils (EulerOS-SA-2021-2138)
According to the versions of the iscsi-initiator-utils packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack...
CVE-2021-21005
In Phoenix Contact FL SWITCH SMCS series products in multiple versions if an attacker sends a hand-crafted TCP-Packet with the Urgent-Flag set and the Urgent-Pointer set to 0, the network stack will crash. The device needs to be rebooted afterwards...
CVE-2021-21005
CVE-2021-21005 affects Phoenix Contact FL SWITCH SMCS series. A crafted TCP packet with the Urgent-Flag set and Urgent-Pointer at 0 can crash the device’s network stack, requiring a reboot. The provided sources confirm affected product family and the exact trigger, with CVSS indicating HIGH impac...
EulerOS 2.0 SP3 : iscsi-initiator-utils (EulerOS-SA-2021-1076)
According to the versions of the iscsi-initiator-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when...
CVE-2020-17437
An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by...
CVE-2020-17437
CVE-2020-17437 affects uIP 1.0 (used in Contiki 3.0 and similar) where the TCP Urgent flag and Urgent pointer are not properly bounded. When urgent data is ignored, code uses the Urgent pointer as an offset to separate urgent data, but the offset length isn’t checked, allowing the data pointer to...
kernel: ipv4/tcp: Infinite loop in tcp_splice_read()
A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice and tcp_splice_read functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely...