1952 matches found
CVE-2026-45021
Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin bootstrap token and signing keys to any webpage the operator visits while the control plane is...
CVE-2026-46208
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...
CVE-2026-46206
In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject new tpmeter sessions during teardown Prevent tpmeter from starting new sender or receiver sessions after meshstate has left BATADVMESHACTIVE...
UBUNTU-CVE-2026-46206
In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject new tpmeter sessions during teardown Prevent tpmeter from starting new sender or receiver sessions after meshstate has left BATADVMESHACTIVE...
UBUNTU-CVE-2026-46208
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...
CVE-2026-46208 batman-adv: stop tp_meter sessions during mesh teardown
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...
CVE-2026-46208
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...
EUVD-2026-32835
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...
CVE-2026-46208
In the Linux kernel, batman-adv has a vulnerability where tp_meter sessions are not stopped during mesh teardown in batadv_mesh_free(). This allows a running sender thread or late tp_meter packets to keep operating against a mesh instance that is shutting down, potentially causing system instabil...
CVE-2026-46208
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...
CVE-2026-46208 batman-adv: stop tp_meter sessions during mesh teardown
In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...
CVE-2026-46206
In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject new tpmeter sessions during teardown Prevent tpmeter from starting new sender or receiver sessions after meshstate has left BATADVMESHACTIVE...
CVE-2026-46206
The CVE-2026-46206 issue affects the Linux kernel’s batman-adv implementation, where the tp_meter component could start new sender or receiver sessions after mesh_state had exited BATADV_MESH_ACTIVE during teardown. The vulnerability stems from improper state management in batman-adv/tp_meter, po...
CVE-2026-46206 batman-adv: reject new tp_meter sessions during teardown
In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject new tpmeter sessions during teardown Prevent tpmeter from starting new sender or receiver sessions after meshstate has left BATADVMESHACTIVE...
CVE-2026-46206 batman-adv: reject new tp_meter sessions during teardown
In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject new tpmeter sessions during teardown Prevent tpmeter from starting new sender or receiver sessions after meshstate has left BATADVMESHACTIVE...
PT-2026-44329
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the batman-adv module where the tp meter fails to reject new sender or receiver sessions during the...
PT-2026-44331
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the batman-adv module, TP meter sessions remain linked on bat priv-tp list after a netlink request finishes. When the mesh interface is removed, the batadv mesh free function tears do...
Moderate: Red Hat Security Advisory: Kiali 2.22.4 for Red Hat OpenShift Service Mesh 3.3
Kiali 2.22.4 for Red Hat OpenShift Service Mesh 3.3 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: Red Hat Security Advisory: Kiali 2.4.17 for Red Hat OpenShift Service Mesh 3.0
Kiali 2.4.17 for Red Hat OpenShift Service Mesh 3.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: Red Hat Security Advisory: Kiali 2.11.11 for Red Hat OpenShift Service Mesh 3.1
Kiali 2.11.11 for Red Hat OpenShift Service Mesh 3.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...