1883 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-52577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: dccp: fix dccpv4err/dccpv6err again dh-dccphx is the 9th byte offset 8 in struct dccphdr, no...
Linux Distros Unpatched Vulnerability : CVE-2021-46952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFS: fscontext: validate UDP retrans to prevent shift out-of-bounds Fix shift out-of-bounds ...
Linux Distros Unpatched Vulnerability : CVE-2024-27405
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some...
Linux Distros Unpatched Vulnerability : CVE-2021-28715
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which...
OESA-2025-1964 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net/sched: actct: fix ref leak when switching zones When switching zones or network namespaces without doing a ct clear in between, it is now leaking a reference...
Linux Distros Unpatched Vulnerability : CVE-2022-49814
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue loc...
Linux Distros Unpatched Vulnerability : CVE-2023-1078
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux Kernel in RDS Reliable Datagram Sockets protocol. The rdsrmzerocopycallback uses listentry on the head of a list causing a type...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
Rosenpass 安全漏洞
Rosenpass is a secure VPN software from Rosenpass Open Source. A security vulnerability exists in Rosenpass versions prior to 0.2.1, which stems from a single-byte UDP packet that could result in a denial of service...
UBUNTU-CVE-2025-38432
In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize UDP checksum field before checksumming commit f1fce08e63fe "netpoll: Eliminate redundant assignment" removed the initialization of the UDP checksum, which was wrong and broke netpoll IPv6 transmission due...
CVE-2025-38432
In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize UDP checksum field before checksumming commit f1fce08e63fe "netpoll: Eliminate redundant assignment" removed the initialization of the UDP checksum, which was wrong and broke netpoll IPv6 transmission due...
CVE-2025-38432 net: netpoll: Initialize UDP checksum field before checksumming
In the Linux kernel, the following vulnerability has been resolved: net: netpoll: Initialize UDP checksum field before checksumming commit f1fce08e63fe "netpoll: Eliminate redundant assignment" removed the initialization of the UDP checksum, which was wrong and broke netpoll IPv6 transmission due...
kernel: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
A use-after-free UAF vulnerability was found and fixed in the Linux kernel's TCP subsystem related to request socket reqsk timers during handshake handling. This issue stems from a race condition caused by relying on timerpending in reqskqueueunlink. This could result in the timer continuing to r...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the userspace, as observed by KMSAN: BUG: KMSAN: kernel-infoleak in...
Netis Netcore Router 安全漏洞
Netis Netcore Router is a series of routers from Netis. A security vulnerability exists in Netis Netcore Router that stems from the presence of an undocumented backdoor listener on UDP port 53413, which could lead to remote execution of arbitrary code...
📄 Remote Mouse 4.601 Remote Command Execution
This exploit targets Remote Mouse version 4.6.0.1 by injecting malicious UDP packets that simulate keyboard input to execute arbitrary PowerShell commands. The vulnerability exists in the way Remote Mouse processes unauthenticated UDP commands on port 1978 by sending specially crafted packets...
udp: Fix memory accounting leak.
...
📄 TouchServer 2.0.0 Remote Code Execution
TouchServer version 2.0.0 has a vulnerability that allows remote attackers to execute arbitrary commands by sending specially crafted UDP packets. This exploit delivers a PowerShell reverse shell by emulating keyboard input to trigger its download and execution. Exploit Title: TouchServer 2.0.0 -...
OESA-2025-1726 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more...