Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/25 8:39 a.m.30 views

CVE-2026-53259 ipv6: anycast: insert aca into global hash under idev->lock

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

7.8CVSS0.00123EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.13 views

CVE-2026-53259

CVE-2026-53259 (Linux kernel) fixes a race in IPv6 anycast address management. The root cause was a window where inserting an aca into the global inet6_acaddr_lst[] and its hash could be separated from the teardown path (RTNL), causing the ac_addr to be freed while still linked, i.e., a slab-use-...

7.8CVSS5.7AI score0.00123EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.8 views

CVE-2026-53259

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

7.8CVSS5.6AI score0.00123EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52354

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab-use-after-free issue exists in the ipv6 chk acast addr function. The problem occurs when an anycast address aca is allocated and added to the idev-ac list under idev-lock, but is...

7.8CVSS6.1AI score0.00123EPSS
Exploits0References18
EUVD
EUVD
added 2026/05/08 3:31 p.m.9 views

EUVD-2026-28623

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UaF in addrconfpermanentaddr The mentioned helper try to warn the user about an exceptional condition, but the message is delivered too late, accessing the ipv6 after its possible deletion. Reorder the...

5.8AI score0.00121EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/07/16 11:13 a.m.21 views

CVE-2022-48785 ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: use rcu-safe version of ipv6getlladdr Some time ago 8965779d2c0e "ipv6,mcast: always hold idev-lock before mcalock" switched ipv6getlladdr to ipv6getlladdr, which is rcu-unsafe version. That was OK, because idev-lock...

6.8AI score0.00172EPSS
Exploits0References3
Rows per page
Query Builder