482 matches found
Astra Linux – Vulnerability in Network-Manager
A flaw was discovered in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. This would cause NetworkManager to crash, resulting in a denial of service...
CVE-2026-46433
A flaw was found in lldpd, an implementation of IEEE 802.1ab LLDP. A remote attacker on the adjacent network can send specially crafted Ethernet frames with 802.1Q VLAN Virtual Local Area Network tags. This can cause a 4-byte heap buffer over-read, leading to a denial of service DoS due to an...
CVE-2026-46433
lldpd is an implementation of IEEE 802.1ab LLDP. Prior to version 1.0.22, lldpddecode in src/daemon/lldpd.c strips 802.1Q VLAN tags from received Ethernet frames by calling memmove to shift the frame payload 4 bytes left. The third argument byte count is s - 2 ETHERADDRLEN but should be s - 2...
CVE-2026-46433
CVE-2026-46433 affects lldpd (LLDP implementation). Prior to version 1.0.22, lldpd_decode() incorrectly shifts frame payload when removing 802.1Q VLAN tags, using a length calculation that causes a 4-byte heap OOB read if the frame size equals the interface MTU. This vulnerability is fixed in ver...
CVE-2026-5068
CVE-2026-5068 affects Zephyr in the Bluetooth host L2CAP LE CoC path. When segmentation is enabled (chan_ops.alloc_buf) and the RX pool’s user_data_size is
CVE-2026-45836 Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_get_sndtimeo_cb()
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2capsockgetsndtimeocb Add the same NULL guard already present in l2capsockresumecb and l2capsockreadycb...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Use memset to avoid memory leaks. Use memset to initialize structs to prevent memory leaks. In l2capecredconnect...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: mac802154: fixed the issue where key resources were released in mac802154llseckeydel. The mac802154llseckeydel function can free resources associated with a key directly, without following the RCU rules for waiting before the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
A use-after-free flaw was discovered in the nfcllcpfindlocal function in net/nfc/llcpcore.c within NFC in the Linux kernel. This flaw allows a local user with special privileges to cause a kernel information leak issue...
CVE-2026-34341
Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...
EUVD-2026-29600
Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...
CVE-2026-34341
Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...
CVE-2026-34341 Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability
...
CVE-2026-34341 Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability
...
CVE-2026-34341
CVE-2026-34341 is a Windows LLDP (Link-Layer Discovery Protocol) vulnerability described as a double free in LLDP that allows an authenticated, local attacker to gain elevated privileges. The connected documents confirm the issue and impact (local privilege escalation) but do not provide concrete...
Windows Link-Layer Discovery Protocol (LLDP) Elevation of Privilege Vulnerability
Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...
PT-2026-40160
Double free in Windows Link-Layer Discovery Protocol LLDP allows an authorized attacker to elevate privileges locally...
CVE-2026-31752 bridge: br_nd_send: validate ND option lengths
In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...
CVE-2026-31738
In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unvalidated length of the ND option. This vulnerability may lead to out-of-bounds access by the pars...