Lucene search
K

59 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.6 views

SUSE SLES15: libopenvswitch-2_14-0 / libovn-20_06-0 / openvswitch / etc (SUSE-SU-2026:2481-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2481-1 advisory. This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498...

8.6CVSS5.9AI score0.00868EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/24 4:29 a.m.4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.9AI score0.00563EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

SUSE SLES15: libopenvswitch-3_5-0 / libovn-25_03-0 / openvswitch / etc (SUSE-SU-2026:2463-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2463-1 advisory. This update for openvswitch fixes the following issues Update ovn to 25.03.3: - CVE-2026-5265: heap over-read in ICMP error respons...

8.6CVSS5.9AI score0.00868EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tunnels: Fixed the crash when generating IPV4 PMTU errors due to KASAN. If we attempt to emit an ICMP error in response to a non-linear SKB, we encounter the following issue: Bug: KASAN: Out-of-bounds access in...

7.1CVSS6AI score0.0014EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 9:44 a.m.4 views

SUSE-SU-2026:2463-1 Security update for openvswitch

This update for openvswitch fixes the following issues Update ovn to 25.03.3: - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498. - CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing bsc1262499...

8.6CVSS5.8AI score0.00868EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 10:0 p.m.9 views

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

9.8CVSS5.3AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/10 8:9 p.m.7 views

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

9.8CVSS5.3AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/08 3:27 a.m.46 views

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

9.8CVSS5.3AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/04 10:49 a.m.9 views

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...

9.8CVSS5.8AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/01 12:15 a.m.17 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/01 12:15 a.m.15 views

Important: Red Hat Security Advisory: ovn25.09 security update

An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS5.8AI score0.00868EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43772

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the icmp route lookup function during the reverse path process for sending ICMP error messages with XFRM IPsec policies. When the system acts as a forwarding...

4.7CVSS5.4AI score0.00111EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.10 views

SUSE CVE-2026-43038

In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...

5.5CVSS5.8AI score0.00255EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.8 views

RHEL 9 : ovn24.03 (RHSA-2026:11700)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11700 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.5AI score0.00868EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

RHEL 9 : ovn25.09 (RHSA-2026:11702)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11702 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.5AI score0.00868EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

RHEL 9 : ovn25.03 (RHSA-2026:11701)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11701 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.5AI score0.00868EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

RHEL 9 : ovn23.09 (RHSA-2026:11698)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11698 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

8.6CVSS5.5AI score0.00868EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/29 12:45 p.m.9 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/29 12:45 p.m.9 views

Important: Red Hat Security Advisory: ovn25.09 security update

An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS5.3AI score0.00868EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/04/29 12:45 p.m.7 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.00629EPSS
Exploits0References4
Rows per page
Query Builder