High severity7.5NVD Advisory· Published Sep 29, 2025· Updated Apr 15, 2026

CVE-2025-56233

Description

Openindiana, kernel SunOS 5.11 has a denial of service vulnerability. For the processing of TCP packets with RST or SYN flag set, Openindiana has a wide acceptable range of sequence numbers. It does not require the sequence number to exactly match the next expected sequence value, just to be within the current receive window, which violates RFC5961. This flaw allows attackers to send multiple random TCP RST/SYN packets to hit the acceptable range of sequence numbers, thereby interrupting normal connections and causing a denial of service attack.

Affected products

Zq Star/TCP Vuln Reportreferences

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/zq-star/TCP-Vuln-Report/blob/master/Openindiana%20minimal/tcp-rst-syn/openindiana-minimal-tcp-rst-syn.mdnvd

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000