Lucene search
K

2009 matches found

OSV
OSV
added 3 days ago3 views

OESA-2026-2809 radvd security update

The router advertisement daemon radvd is run by Linux or BSD systems acting as IPv6 routers. It sends Router Advertisement messages, specified by RFC 2461, to a local Ethernet LAN periodically and when requested by a node sending a Router Solicitation message. These messages are required for IPv6...

8.8CVSS6.2AI score0.00203EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS7AI score0.00563EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2026/06/29 12:0 a.m.4 views

The vulnerabilities in the modules net/ipv4/icmp.c and net/ipv6/icmp.c of the Linux operating system allow a hacker to trigger a service failure.

The vulnerability in the net/ipv4/icmp.c and net/ipv6/icmp.c modules of the Linux kernel is related to insufficient validation of input data. Exploiting this vulnerability could allow a remote attacker to cause service failures...

9.4CVSS5.8AI score0.00346EPSS
Exploits0References9Affected Software3
OSV
OSV
added 2026/06/29 12:0 a.m.7 views

ALSA-2026:30848 Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kernel: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach CVE-2026-43038 kernel: netfilter: flowtabl...

9.8CVSS6.4AI score0.00465EPSS
Exploits0References18
OSV
OSV
added 2026/06/26 6:37 a.m.3 views

SUSE-SU-2026:2638-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

9.8CVSS5.9AI score0.00474EPSS
Exploits1References45
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.6 views

SUSE SLES15: libopenvswitch-3_1-0 / libovn-23_03-0 / openvswitch / etc (SUSE-SU-2026:2475-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2475-1 advisory. This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498...

8.6CVSS5.9AI score0.00868EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.7 views

SUSE SLES15: libopenvswitch-2_14-0 / libovn-20_06-0 / openvswitch / etc (SUSE-SU-2026:2481-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2481-1 advisory. This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498...

8.6CVSS5.9AI score0.00868EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 12:36 p.m.2 views

SUSE-SU-2026:2632-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work...

9.8CVSS6.4AI score0.00474EPSS
Exploits1References64
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.3 views

The vulnerability of the `ip6_err_gen_icmpv6_unreach()` function in the `net/ipv6/icmp.c` module of the Linux operating system allows a attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the ip6errgenicmpv6unreach function in the net/ipv6/icmp.c module of the Linux operating system is related to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause...

10CVSS6.2AI score0.00255EPSS
Exploits0References13Affected Software3
NVD
NVD
added 2026/06/24 5:17 p.m.13 views

CVE-2026-53006

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS0.00377EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 4:29 p.m.14 views

CVE-2026-53006

The CVE-2026-53006 entry concerns a Use-After-Free in the Linux kernel IPv6 path (icmpv6_rcv) caused by caching IPv6 saddr/daddr before pskb_pull(), since skb->head can change. The fix removes temporary variables and ensures access to &ipv6_hdr(skb)->saddr and &ipv6_hdr(skb)->daddr only ...

9.8CVSS5.7AI score0.00377EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/24 4:29 a.m.4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.9AI score0.00563EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

SUSE SLES15: libopenvswitch-3_5-0 / libovn-25_03-0 / openvswitch / etc (SUSE-SU-2026:2463-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2463-1 advisory. This update for openvswitch fixes the following issues Update ovn to 25.03.3: - CVE-2026-5265: heap over-read in ICMP error respons...

8.6CVSS5.9AI score0.00868EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tunnels: Fixed the crash when generating IPV4 PMTU errors due to KASAN. If we attempt to emit an ICMP error in response to a non-linear SKB, we encounter the following issue: Bug: KASAN: Out-of-bounds access in...

7.1CVSS6AI score0.0014EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 9:44 a.m.4 views

SUSE-SU-2026:2463-1 Security update for openvswitch

This update for openvswitch fixes the following issues Update ovn to 25.03.3: - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498. - CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing bsc1262499...

8.6CVSS5.8AI score0.00868EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/18 1:51 p.m.8 views

EUVD-2026-37893

Docker Sandboxes sbx blocks ICMP egress with an authorizer applied only at network-creation time, and does not re-apply it to networks rebuilt from disk when the Docker daemon restarts, so a restart-surviving sandbox forwards ICMP to arbitrary hosts. A workload inside a sandbox, which the threat...

5.7CVSS5.5AI score0.00097EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 1:51 p.m.16 views

CVE-2026-12539 Docker Sandboxes ICMP egress restriction bypass after daemon restart

Docker Sandboxes sbx blocks ICMP egress with an authorizer applied only at network-creation time, and does not re-apply it to networks rebuilt from disk when the Docker daemon restarts, so a restart-surviving sandbox forwards ICMP to arbitrary hosts. A workload inside a sandbox, which the threat...

5.7CVSS0.00097EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 1:51 p.m.21 views

CVE-2026-12539

Docker Sandboxes (sbx) ICMP egress restriction can be bypassed after daemon restart. The issue arises because the authorizer is applied only at network creation and is not re-applied to networks rebuilt from disk on restart, allowing a restart-surviving sandbox to forward ICMP to arbitrary hosts....

5.7CVSS5.5AI score0.00097EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/18 1:51 p.m.14 views

CVE-2026-12539

Docker Sandboxes sbx blocks ICMP egress with an authorizer applied only at network-creation time, and does not re-apply it to networks rebuilt from disk when the Docker daemon restarts, so a restart-surviving sandbox forwards ICMP to arbitrary hosts. A workload inside a sandbox, which the threat...

5.7CVSS5.5AI score0.00097EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.25 views

PT-2026-50676

Name of the Vulnerable Software and Affected Versions Docker Sandboxes affected versions not specified Description Docker Sandboxes sbx fail to re-apply the ICMP egress authorizer to networks rebuilt from disk after a Docker daemon restart. This allows a restart-surviving sandbox to forward ICMP...

5.7CVSS6AI score0.00097EPSS
Exploits0References5
Rows per page
Query Builder