Lucene search
+L

37 matches found

astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fix for u8 overflow By continuously sending L2CAPCONFREQ packets, chan-numconfrsp increases multiple times, eventually exceeding the maximum number i.e., 255. This patch prevents this issue by adding a bounda...

5.5CVSS6.3AI score0.00246EPSS
Exploits0References2
osv
osv
added 2026/05/06 11:27 a.m.2 views

CVE-2026-43134 Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAPLECONNREQ This adds a check for encryption key size upon receiving L2CAPLECONNREQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAPCRLEBADKEYSIZE...

8.1CVSS6.6AI score0.00177EPSS
Exploits0References11
redhatcve
redhatcve
added 2026/04/03 7:26 p.m.7 views

CVE-2026-23462

A flaw was found in the Linux kernel's Bluetooth subsystem HIDP. A local attacker can exploit a use-after-free vulnerability by failing to properly drop a reference to an L2CAP Logical Link Control and Adaptation Protocol connection during a user removal callback. This memory corruption flaw may...

8.8CVSS5.9AI score0.00262EPSS
Exploits0References4
susecve
susecve
added 2026/03/25 4:54 p.m.6 views

SUSE CVE-2026-23395

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

6.5CVSS5.7AI score0.00249EPSS
Exploits0References15
nessus
nessus
added 2026/01/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000483)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000483 advisory. A heap data infoleak in multiple locations including L2CAPPARSECONFRSP was found in the Linux kernel before 5.1-rc1. Tenable has extracted the preceding description...

6.5CVSS6.3AI score0.01827EPSS
Exploits1References3
redhat
redhat
added 2025/10/29 12:46 a.m.10 views

kernel: Bluetooth: L2CAP: Fix use-after-free

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in l2caplecommandrej...

7.8CVSS6.8AI score0.0015EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2008-0318

Malware in sbrugna...

7.1CVSS6.4AI score0.02553EPSS
Exploits1References7
mscve
mscve
added 2025/09/27 1:2 a.m.15 views

Bluetooth: L2CAP: Fix not validating setsockopt user input

...

7.1CVSS7AI score0.00239EPSS
Exploits0
osv
osv
added 2025/09/01 6:33 p.m.7 views

CLSA-2025-1756751597 squid: Fix of CVE-2023-46846

CVE-2023-46846: fix Request/Response chunk smuggling in HTTP/1.1 and ICAP...

9.3CVSS5.8AI score0.05298EPSS
Exploits0References1
redhat
redhat
added 2025/05/13 8:28 a.m.6 views

kernel: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

in linux kernel bluetooth L2CAP, l2capleflowctlinit can cause both div-by-zero and an integer overflow since hdev-lemtu may not fall in the valid range...

6.5CVSS6.8AI score0.00215EPSS
Exploits0References4
redhat
redhat
added 2024/12/16 2:38 a.m.2 views

squid: Request/Response smuggling in HTTP/1.1 and ICAP

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS5.9AI score0.05298EPSS
Exploits0References5
mscve
mscve
added 2024/09/11 7:0 a.m.8 views

Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()

...

6.5CVSS7.3AI score0.00215EPSS
Exploits0
redhat
redhat
added 2024/04/30 5:6 p.m.5 views

kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c

An information leak vulnerability was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfreq function. An attacker with physical access within the range of standard Bluetooth transmission could use thi...

6.5CVSS6.7AI score0.00395EPSS
Exploits0References5
redhat
redhat
added 2024/03/13 9:11 a.m.5 views

kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c

A flaw was found in l2capsockrelease in net/bluetooth/l2capsock.c in the Bluetooth subsystem in the Linux Kernel. This issue may allow a user to cause a use-after-free problem due to sk's children being mishandled...

7.8CVSS6.8AI score0.0056EPSS
Exploits0References5
redhat
redhat
added 2024/03/12 12:56 a.m.5 views

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

8.8CVSS6.9AI score0.02014EPSS
Exploits0References5
redhat
redhat
added 2023/11/08 11:3 a.m.20 views

squid: Request/Response smuggling in HTTP/1.1 and ICAP

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS5.9AI score0.05298EPSS
Exploits0References5
redhat
redhat
added 2023/11/08 10:31 a.m.10 views

squid: Request/Response smuggling in HTTP/1.1 and ICAP

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS5.9AI score0.05298EPSS
Exploits0References5
redhat
redhat
added 2023/11/02 9:47 a.m.24 views

squid: Request/Response smuggling in HTTP/1.1 and ICAP

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

9.3CVSS5.9AI score0.05298EPSS
Exploits0References5
redhat
redhat
added 2023/08/08 8:34 a.m.7 views

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

8.8CVSS6.8AI score0.02014EPSS
Exploits0References5
redhat
redhat
added 2023/05/16 8:43 a.m.9 views

kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges...

7.1CVSS6.6AI score0.0129EPSS
Exploits0References5
Rows per page
Query Builder