Vulnerability in 9front

CVE-2026-9054

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic.

EPSS: 0.001 (16.7th percentile) — read the EPSS interpretation.

Affected products

9front — versions 863431cff8b47fa20625f4cbee3ea4e92367b152, Plan 9 4e

Weakness classification (CWE)

CWE-130 — Improper Handling of Length Parameter Inconsistency

References

1d66c9f9-fff2-411a-aa19-ca6312fa25e9 (mitigation)
1d66c9f9-fff2-411a-aa19-ca6312fa25e9 (mitigation)
1d66c9f9-fff2-411a-aa19-ca6312fa25e9 (mitigation)