Lucene search
K

45 matches found

OSV
OSV
added 2026/06/30 11:39 p.m.5 views

BIT-ENVOY-2026-48042 Envoy: Stack overflow in destructor of highly nested JSON

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O100K nested objects are present. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1...

7.5CVSS5.8AI score0.00557EPSS
Exploits1References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will remain there until they are consumed. If userspace never gets to read the...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: xfs: Only call xfarray,blobdestroy if we have a valid pointer. Only call the xfarray and xfblob destructors if we have a valid pointer, and make sure to null out that pointer afterwards. Note that this patch fixes a large number ...

5.5CVSS6.1AI score0.00122EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/03/25 4:56 p.m.7 views

SUSE CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.7AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/25 12:30 p.m.4 views

EUVD-2026-15234

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.6AI score0.00121EPSS
Exploits0References4
NVD
NVD
added 2026/03/25 11:16 a.m.4 views

CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.5CVSS0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.7 views

CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
OSV
OSV
added 2026/03/25 11:16 a.m.7 views

UBUNTU-CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
CVE
CVE
added 2026/03/25 10:26 a.m.8 views

CVE-2026-23299

CVE-2026-23299 relates to a Linux kernel Bluetooth issue where, when TX timestamping is enabled (SO_TIMESTAMPING), SKBs may be queued in the sk_error_queue during socket destruction and could leak if unread or if the controller is removed. The fixed mitigation is the addition of skb_queue_purge()...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:26 a.m.3 views

CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.6AI score0.00121EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/25 10:26 a.m.21 views

CVE-2026-23299 Bluetooth: purge error queues in socket destructors

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

0.00121EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/03/25 10:26 a.m.4 views

CVE-2026-23299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.5CVSS5.2AI score0.00121EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:26 a.m.9 views

CVE-2026-23299 Bluetooth: purge error queues in socket destructors

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will stay there until consumed. If userspace never gets to read the timestamps, or i...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfs: only call xfarray,blobdestroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid pointer, and be sure to null out th...

5.5CVSS6.2AI score0.00122EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-27664

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to Bluetooth socket destructors. When TX timestamping is enabled using the SO TIMESTAMPING option, Send Queues SKBs can accumulate in the sk err...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2025/11/25 12:17 a.m.11 views

CVE-2025-65503

Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...

7.5CVSS6.6AI score0.00197EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/24 3:30 p.m.7 views

EUVD-2025-198707

Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...

7.5CVSS6AI score0.00197EPSS
Exploits1References3
NVD
NVD
added 2025/11/24 2:15 p.m.29 views

CVE-2025-65503

Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...

7.5CVSS0.00197EPSS
Exploits1References2
OSV
OSV
added 2025/11/24 12:0 a.m.5 views

CVE-2025-65503

Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...

7.5CVSS6.5AI score0.00197EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/24 12:0 a.m.4 views

CVE-2025-65503

Use after free in endpoint destructors in Redboltz asyncmqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between iocontext and endpoint objects...

6.2AI score0.00197EPSS
Exploits1References2
Rows per page
Query Builder