CVE-2026-5590 in Zephyrinfo

Zusammenfassung (Englisch)

A race condition during TCP connection teardown can cause tcp_recv() to operate on a connection that has already been released. If tcp_conn_search() returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcp_backlog_is_full() and dereferenced without validation, leading to a crash.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Zuständig

zephyr

Reservieren

05.04.2026

Veröffentlichung

05.04.2026

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
355387	zephyrproject-rtos Zephyr TCP Connection tcp_recv Denial of Service	476	Nicht definiert	Nicht definiert	CVE-2026-5590

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

MITRE
NVD
CVE Details

◂ ZurückÜbersichtWeiter ▸

Do you know our Splunk app?

Download it now for free!