Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47589

Summary Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning Kaminsky attack. Details Two factors contribute to this vulnerability in...

6.8CVSS5.5AI score
Exploits0References5
Amazon
Amazon
added 2026/05/26 12:0 a.m.25 views

Important: docker

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.4AI score0.00813EPSS
Exploits0
Slackware Linux
Slackware Linux
added 2026/05/21 5:16 a.m.15 views

[slackware-security] rsync

New rsync packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rsync-3.4.3-i586-1slack15.0.txz: Upgraded. This update fixes security issues: TOCTOU symlink race condition allowing local privilege...

8.1CVSS5.9AI score0.0078EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.2 views

kernel: keys: Fix linking a duplicate key to a keyring's assoc_array

A race condition was found in the Linux kernel's keyring subsystem. When concurrent DNS queries resolve the same hostname, a duplicate index key can be created in the keyring's assocarray. The assocarray implementation has a BUGON check that detects this invalid state, causing a kernel crash. Thi...

5.7AI score0.00173EPSS
Exploits0References5
Rows per page
Query Builder