Lucene search
+L

20 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:5 a.m.4 views

neigh: let neigh_xmit take skb ownership

...

7.5CVSS6.1AI score0.00539EPSS
Exploits0
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53215 net: mvpp2: refill RX buffers before XDP or skb use

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS6AI score0.00546EPSS
Exploits0References10
OSV
OSV
added 2026/06/24 4:28 p.m.3 views

CVE-2026-52981 neigh: let neigh_xmit take skb ownership

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

7.5CVSS5.8AI score0.00539EPSS
Exploits0References9
OSV
OSV
added 2026/05/28 9:35 a.m.2 views

CVE-2026-46110 net: stmmac: Prevent NULL deref when RX memory exhausted

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...

7.5CVSS6.5AI score0.005EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/04/14 9:57 p.m.4 views

CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS6AI score0.00247EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/04/14 9:57 p.m.27 views

CVE-2026-33021 libsixel: Use-after-free in sixel_encoder_encode_bytes()

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS0.00247EPSS
Exploits1References2
OSV
OSV
added 2026/04/14 9:57 p.m.3 views

CVE-2026-33021 libsixel: Use-after-free in sixel_encoder_encode_bytes()

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

7.3CVSS6.2AI score0.00247EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.8 views

PT-2026-32951

Name of the Vulnerable Software and Affected Versions libsixel versions prior to 1.8.7-r1 Description A use-after-free issue exists in the sixel encoder encode bytes function. The sixel frame init function stores the caller-owned pixel buffer pointer directly in frame-pixels without creating a...

7.3CVSS6AI score0.00247EPSS
Exploits1References6
OSV
OSV
added 2026/04/03 4:16 p.m.8 views

UBUNTU-CVE-2026-23444

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211txprepareskb failure ieee80211txprepareskb has three error paths, but only two of them free the skb. The first error path ieee80211txprepare returning TXDROP does not free it, while...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/30 12:10 p.m.25 views

CVE-2022-50829 wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: hifusb: Fix use-after-free in ath9khifusbregincb It is possible that skb is freed in ath9khtcrxmsg, then usbsubmiturb fails and we try to free skb again. It causes use-after-free bug. Moreover, if allocskb fails,...

0.00239EPSS
Exploits0References9
OSV
OSV
added 2025/09/23 6:15 a.m.8 views

AZL-74930 CVE-2025-39873 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: can: xilinxcan: xcanwriteframe: fix use-after-free of transmitted SKB canputechoskb takes ownership of the SKB and it may be freed during or after the call. However, xilinxcan xcanwriteframe keeps using SKB after the call. Fix th...

7.8CVSS5.8AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2025/09/23 6:0 a.m.34 views

CVE-2025-39873

CVE-2025-39873 (Linux kernel) : The vulnerability concerns the xilinx_can driver where xcan_write_frame() may use a previously freed skb. The root cause is that can_put_echo_skb() can take ownership of the SKB, which may be freed during or after the call, while xcan_write_frame() continues to tou...

7.8CVSS6.5AI score0.00148EPSS
Exploits0References7Affected Software1
Microsoft CVE
Microsoft CVE
added 2024/05/23 7:0 a.m.6 views

net: mctp: take ownership of skb in mctp_local_output

...

5.5CVSS6AI score0.00219EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/05/21 2:0 a.m.4 views

SUSE CVE-2024-27418

In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of skb on success, and we may leak an skb if mctplocaloutput fails in specific states; the skb ownership isn't transferred until...

5.5CVSS6.7AI score0.00219EPSS
Exploits0References10
OSV
OSV
added 2024/05/17 12:15 p.m.9 views

UBUNTU-CVE-2024-27418

In the Linux kernel, the following vulnerability has been resolved: net: mctp: take ownership of skb in mctplocaloutput Currently, mctplocaloutput only takes ownership of skb on success, and we may leak an skb if mctplocaloutput fails in specific states; the skb ownership isn't transferred until...

5.5CVSS5.8AI score0.00219EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2023/11/27 4:30 p.m.9 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8CVSS7.3AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/27 4:13 p.m.5 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8CVSS7.3AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/27 4:11 p.m.5 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8CVSS7.3AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/27 3:52 p.m.2 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8CVSS7.3AI score0.00787EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/11/27 3:47 p.m.11 views

Mozilla: Use-after-free in ReadableByteStreamQueueEntry::Buffer

The Mozilla Foundation Security Advisory describes this flaw as: Ownership mismanagement led to a use-after-free in ReadableByteStreams...

8.8CVSS7.3AI score0.00787EPSS
Exploits0References6
Rows per page
Query Builder