1882 matches found
corosync security update
An update is available for corosync. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The corosync packages provide the Corosync Cluster Engine and C APIs for...
RLSA-2026:13644 Moderate: corosync security update
The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...
CVE-2026-43230
In the Linux kernel, the following vulnerability has been resolved: net/rds: Clear reconnect pending bit When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not yet been scheduled before it is canceled, the reconnect-pending bit...
CVE-2026-43230
In the Linux kernel, the following vulnerability has been resolved: net/rds: Clear reconnect pending bit When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not yet been scheduled before it is canceled, the reconnect-pending bit...
CVE-2026-43080
Summary of CVE-2026-43080 (Linux kernel) : The issue resides in the L2TP/PPP over L2TP code path where an oversized PPPoL2TP packet sent with UDP encapsulation can trigger an overflow of the 16‑bit UDP length field, causing the length to be trimmed and potentially sending malformed packets. The p...
CVE-2026-43080
In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...
RLSA-2026:13673 Moderate: corosync security update
The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...
RLSA-2026:13657 Moderate: corosync security update
The corosync packages provide the Corosync Cluster Engine and C APIs for Rocky Linux cluster software. Security Fixes: corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via integer overflow in join message...
corosync security update
An update is available for corosync. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The corosync packages provide the Corosync Cluster Engine and C APIs for Roc...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from l2tp’s failure to check for UDP length field overflows during UDP encapsulation. This could lead to the...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from unhandled UDP LibiLibinitSock failed operations, leading to a null pointer derefrence...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bypassing the RDSCONNERROR state during the handling of RDS connection status. This may lead to abnorma...
Linux Distros Unpatched Vulnerability : CVE-2026-43080
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists i...
RHEL 9 : corosync (RHSA-2026:14212)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14212 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...
RockyLinux 10 : corosync (RLSA-2026:13644)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:13644 advisory. corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet CVE-2026-35091 corosync: Corosync: Denial of Service via intege...
PT-2026-37962
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows...
corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet
A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...
corosync: Corosync: Denial of Service via integer overflow in join message validation
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...
corosync: Corosync: Denial of Service via integer overflow in join message validation
A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...
corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet
A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...