Lucene search
K

589 matches found

Packet Storm
Packet Storm
added 2026/06/22 12:0 a.m.42 views

📄 OpenBSD mpls_do_error Stack Disclosure

OpenBSD suffers from an mplsdoerror remote kernel stack disclosure vulnerability via an MPLS label stack. ------------------------------------------------------------------------ OpenBSD mplsdoerror: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read...

6.9CVSS5.9AI score0.00423EPSS
Exploits2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel before version 6.1.13, there is a double-free in the net/mpls/afmpls.c file when an allocation failure occurs due to registering the sysctl table under a new location during the renaming of a device...

4.7CVSS6.4AI score0.00331EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 8:16 p.m.18 views

CVE-2026-56099

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS0.00423EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/06/18 7:29 p.m.19 views

CVE-2026-56099 OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS0.00423EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/06/18 7:29 p.m.7 views

CVE-2026-56099

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS5.3AI score0.00423EPSS
Exploits2References4
EUVD
EUVD
added 2026/06/18 7:29 p.m.12 views

EUVD-2026-37938

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

6.9CVSS5.3AI score0.00423EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.16 views

PT-2026-50785

Name of the Vulnerable Software and Affected Versions OpenBSD versions prior to commit 6a23123 Description An out-of-bounds read exists in the mpls do error function within sys/netmpls/mpls input.c. Remote attackers can disclose kernel stack memory by sending crafted MPLS frames containing 16...

6.9CVSS5.8AI score0.00423EPSS
Exploits2References23
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.6 views

SUSE CVE-2026-43042

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...

7.1CVSS5.7AI score0.0011EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.7 views

RHCOS 3 : openvswitch (RHSA-2016:0615)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0615 advisory. - openvswitch: MPLS buffer overflow vulnerability CVE-2016-2074 Note that Nessus has not tested for this issue but has instead relied only on...

9.8CVSS7.5AI score0.06279EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.49 views

CVE-2026-43042 mpls: add seqcount to protect the platform_label{,s} pair

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...

7.1CVSS0.0011EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/01 2:15 p.m.27 views

EUVD-2026-26641

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...

5.8AI score0.0011EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.7 views

PT-2026-36459

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description RCU-protected codepaths, specifically mpls forward and mpls dump routes, can maintain an inconsistent view of platform labels versus platform label during a concurrent resize operation...

7.1CVSS5.4AI score0.0011EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2026/04/26 1:52 a.m.7 views

SUSE CVE-2026-31679

In the Linux kernel, the following vulnerability has been resolved: openvswitch: validate MPLS set/setmasked payload length validateset accepted OVSKEYATTRMPLS as variable-sized payload for SET/SETMASKED actions. In action handling, OVS expects fixed-size MPLS key data struct ovskeympls. Use the...

6.7CVSS5.4AI score0.00117EPSS
Exploits0References16
EUVD
EUVD
added 2026/04/25 8:46 a.m.6 views

EUVD-2026-25646

In the Linux kernel, the following vulnerability has been resolved: openvswitch: validate MPLS set/setmasked payload length validateset accepted OVSKEYATTRMPLS as variable-sized payload for SET/SETMASKED actions. In action handling, OVS expects fixed-size MPLS key data struct ovskeympls. Use the...

5.3AI score0.00117EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: validate MPLS set/setmasked payload length validateset accepted OVSKEYATTRMPLS as variable-sized payload for SET/SETMASKED actions. In action...

7.1CVSS5.8AI score0.00117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.4 views

CVE-2026-33780

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...

7.1CVSS5.9AI score0.00173EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/10 12:30 a.m.6 views

EUVD-2026-21090

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...

7.1CVSS6AI score0.00173EPSS
Exploits0References2
NVD
NVD
added 2026/04/09 10:16 p.m.11 views

CVE-2026-33780

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...

7.1CVSS0.00173EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:29 p.m.2 views

CVE-2026-33780

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...

7.1CVSS6AI score0.00173EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.5 views

PT-2026-31750

A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service DoS. In an EVPN-MPLS...

7.1CVSS6AI score0.00173EPSS
Exploits0References2
Rows per page
Query Builder