Lucene search
K

51 matches found

Amazon
Amazon
added 2026/05/09 12:0 a.m.18 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: add seqadj extension for natted connections CVE-2025-68206 In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: reject rev0 reuse of ALARM timer labels...

9.8CVSS6AI score0.00514EPSS
Exploits2
OSV
OSV
added 2026/05/08 11:1 p.m.31 views

CLSA-2026-1778266904 kernel: Fix of 188 CVEs

rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags - clk: Fix clkhwgetclk when dev is NULL CVE-2022-49187 - x86/sgx: Add overflow check in sgxvalidateoffsetlength CVE-2022-49785 - ext4: init quota for 'old.inode' in...

7.8CVSS6.7AI score0.00398EPSS
Exploits0References1
CVE
CVE
added 2026/05/06 7:40 a.m.19 views

CVE-2026-43089

CVE-2026-43089 : In the Linux kernel, the xfrm_user component exposes an information-disclosure vulnerability caused by a one-byte padding hole in struct xfrm_usersa_id that was not zeroed before copying to userspace. The fix zeros the entire structure before setting fields (build_mapping path). ...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/25 1:36 a.m.10 views

SUSE CVE-2026-31663

In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transportfinish NFHOOK After async crypto completes, xfrminputresume calls devput immediately on re-entry before the skb reaches transportfinish. The skb-dev pointer is then used inside NFHOOK and i...

7.8CVSS5.4AI score0.00208EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/24 2:45 p.m.8 views

EUVD-2026-25556

In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transportfinish NFHOOK After async crypto completes, xfrminputresume calls devput immediately on re-entry before the skb reaches transportfinish. The skb-dev pointer is then used inside NFHOOK and i...

5.4AI score0.00208EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.7 views

PT-2026-35023

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An information leak exists in the build report function within xfrm user. The struct xfrm user report contains a u8 proto field followed by a struct xfrm selector, resulting in three byt...

9.8CVSS5.5AI score0.00443EPSS
Exploits0References495
Ubuntu
Ubuntu
added 2026/03/24 11:42 a.m.11 views

USN-8112-4: Linux kernel (Azure FIPS) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - MMC subsystem; - Network drivers; - USB Device Class drivers; - BTRFS file system; - HFS+ file...

8.8CVSS6.7AI score0.0084EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.7 views

MiracleLinux 9 : kernel-5.14.0-503.19.1.el9_5 (AXSA:2025-9562:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9562:06 advisory. kernel: Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout CVE-2024-27399 kernel: bpf: Add BPFPROGTYPECGROUPSKB attach type enforcement in...

7.8CVSS7.1AI score0.00301EPSS
Exploits1References18
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.3 views

PT-2025-54102

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

6.4AI score0.00155EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/05 5:42 p.m.4 views

CVE-2025-40215

No description is available for this CVE...

7CVSS6.5AI score0.00167EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/04 4:8 p.m.5 views

EUVD-2025-201201

In the Linux kernel, the following vulnerability has been resolved: xfrm: also call xfrmstatedeletetunnel at destroy time for states that were never added In commit b441cf3f8c4b "xfrm: delete x-tunnel as we delete x", I missed the case where state creation fails between full initialization...

6.2AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2025/11/26 3:7 p.m.3 views

SUSE-SU-2025:4261-1 Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.30 fixes various security issues The following security issues were fixed: - CVE-2024-53141: netfilter: ipset: add missing range check in bitmapipuadt bsc1245778. - CVE-2025-23145: mptcp: fix NULL pointer in canacceptnewsubflow...

7.8CVSS6.8AI score0.00396EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/10/22 1:23 p.m.6 views

CVE-2022-50569 xfrm: Update ipcomp_scratches with NULL when freed

In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcompscratches with NULL when freed Currently if ipcompallocscratches fails to allocate memory ipcompscratches holds obsolete address. So when we try to free the percpu scratches using ipcompfreescratches it tries t...

0.00227EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2025/10/14 4:0 p.m.11 views

USN-7808-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ext4 file system; - SMB network file system; - Packet sockets; - Network traffic control; - TLS...

7.8CVSS7.1AI score0.00288EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/14 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-39965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrmallocspi shouldn't use 0 as SPI x-id.spi == 0 means no SPI assigned, but since...

5.5CVSS6.1AI score0.00177EPSS
Exploits0References3
NVD
NVD
added 2025/10/07 4:15 p.m.7 views

CVE-2023-53684

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

5.5CVSS0.00136EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2025/10/02 8:57 a.m.12 views

USN-7792-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Packet sockets; - Network traffic control; - TLS protocol; - VMware vSockets driver; - XFRM...

7.8CVSS7.1AI score0.00288EPSS
Exploits0
CVE
CVE
added 2025/10/01 11:45 a.m.16 views

CVE-2023-53500

CVE-2023-53500 concerns the Linux kernel xfrm path. The issue is a slab-use-after-free in decode_session6 that can occur when an xfrm device is enqueued on a qdisc of type sfb, where the skb cb field may be modified during transmission. This leads to a use-after-free on the skb’s memory during IP...

7.8CVSS5.8AI score0.0015EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2025/10/01 11:45 a.m.5 views

CVE-2023-53500 xfrm: fix slab-use-after-free in decode_session6

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix slab-use-after-free in decodesession6 When the xfrm device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when the xfrm device sen...

0.0015EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/10/01 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible modification of the cb field of the skb when the xfrm device uses the sfb type qdisc, which could...

5.8AI score0.0015EPSS
Exploits0References8
Rows per page
Query Builder