Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: TCP: Avoid too many retransmitted packets If a TCP socket uses TCPUSERTIMEOUT, and the other peer retracts its window to zero, tcpretransmittimer may retransmit a packet every two milliseconds for HZ=1000, for approximately 4...

After Mythos: New Playbooks For a Zero-Window Era

When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI, you know the exploit window, the short buffer that organizations relied on to patch and protect after a vulnerability disclosure, is closing fast. Anthropic’s new model, Claude...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007573)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007573 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCPUSERTIMEOUT, and the other pee...

DEBIAN-CVE-2025-21710

In the Linux kernel, the following vulnerability has been resolved: tcp: correct handling of extreme memory squeeze Testing with iperf3 using the "pasta" protocol splicer has revealed a problem in the way tcp handles window advertising in extreme memory squeeze situations. Under memory pressure, ...

kernel: tcp: avoid too many retransmit packets

A vulnerability was found in the tcpretransmittimer function in the Linux kernel's TCP implementation. This issue occurs when a TCP socket uses TCPUSERTIMEOUT and the peer's window retracts to zero, leading to excessive retransmission of packets every two milliseconds for up to four minutes after...

SUSE CVE-2024-41007

In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCPUSERTIMEOUT, and the other peer retracted its window to zero, tcpretransmittimer can retransmit a packet every two jiffies 2 ms for HZ=1000, for about 4 minutes...

ALPINE-CVE-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

SUSE CVE-2023-43622

An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack pattern. This has been fixed in...

Apache HTTP Server Resource Management Error Vulnerability

Apache HTTP Server is the United States Apache Apache Foundation of an open source web server . The server is fast, reliable, and extensible via a simple API. A resource management error vulnerability exists in Apache HTTP Server versions 2.4.55 through 2.4.57, which originates when an attacker...