Lucene search
K

188 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: initramfs: Avoid filename buffer overflow The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as follows: plaintext 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 +...

7.8CVSS6.6AI score0.00241EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/17 10:54 a.m.6 views

dracut: dracut: Root code execution via DHCP options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/17 9:57 a.m.5 views

dracut: dracut: Root code execution via DHCP options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/17 9:53 a.m.8 views

dracut: dracut: Root code execution via DHCP options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/17 9:53 a.m.9 views

Important: Red Hat Security Advisory: dracut security update

An update for dracut is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS5.9AI score0.01131EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/17 2:23 a.m.10 views

SUSE CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

8.8CVSS6AI score0.01131EPSS
Exploits0References7
OSV
OSV
added 2026/06/17 12:0 a.m.5 views

ALSA-2026:26532 Important: dracut security update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

7.5CVSS5.9AI score0.01131EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/06/17 12:0 a.m.14 views

Important: dracut security update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

7.5CVSS5.8AI score0.01131EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/06/17 12:0 a.m.30 views

Important: dracut security update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

7.5CVSS5.8AI score0.01131EPSS
Exploits0References4
OSV
OSV
added 2026/06/17 12:0 a.m.4 views

ALSA-2026:26533 Important: dracut security update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

7.5CVSS5.8AI score0.01131EPSS
Exploits0References4
OSV
OSV
added 2026/06/17 12:0 a.m.6 views

ALSA-2026:26534 Important: dracut security update

The dracut packages contain an event-driven initial RAM file system initramfs generator infrastructure based on the udev device manager. The virtual file system, initramfs, is loaded together with the kernel at boot time and initializes the system, so it can read and boot from the root partition...

7.5CVSS5.8AI score0.01131EPSS
Exploits0References4
OSV
OSV
added 2026/06/10 8:17 p.m.7 views

DEBIAN-CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 8:17 p.m.16 views

CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS0.01131EPSS
Exploits0References7
CVE
CVE
added 2026/06/10 7:49 p.m.86 views

CVE-2026-6893

CVE-2026-6893 affects the dracut project, specifically the legacy DHCP path. A remote attacker on an adjacent network can trigger root code execution in the initramfs by sending specially crafted DHCP options (for example, a malicious hostname). The options are improperly handled and written into...

7.5CVSS6AI score0.01131EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/10 7:49 p.m.9 views

CVE-2026-6893 Dracut: dracut: root code execution via dhcp options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/10 7:49 p.m.9 views

EUVD-2026-36110

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

8.8CVSS6AI score0.01131EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 7:49 p.m.10 views

CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6.1AI score0.01131EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/10 7:49 p.m.34 views

CVE-2026-6893 Dracut: dracut: root code execution via dhcp options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS0.01131EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/10 7:49 p.m.10 views

CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48526

Name of the Vulnerable Software and Affected Versions dracut affected versions not specified Description A flaw in the legacy DHCP path allows a remote attacker on the adjacent network to achieve root code execution within the initramfs initial RAM file system, which is loaded with the kernel at...

7.5CVSS5.8AI score0.01131EPSS
Exploits0References31
Rows per page
Query Builder