Lucene search
K

59 matches found

Cvelist
Cvelist
added 2024/04/04 8:20 a.m.28 views

CVE-2024-26805 netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skbdatagramiter syzbot reported the following uninit-value access issue 1: netlinktofullskb creates a new skb and puts the skb-data passed as a 1st arg of netlinktofullskb onto new skb...

6.4AI score0.00242EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/04/04 8:20 a.m.23 views

CVE-2024-26805

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skbdatagramiter syzbot reported the following uninit-value access issue 1: netlinktofullskb creates a new skb and puts the skb-data passed as a 1st arg of netlinktofullskb onto new skb...

5.5CVSS7.3AI score0.00242EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/04/04 12:0 a.m.29 views

CVE-2024-26805

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skbdatagramiter syzbot reported the following uninit-value access issue 1: netlinktofullskb creates a new skb and puts the skb-data passed as a 1st arg of netlinktofullskb onto new skb...

5.5CVSS6.5AI score0.00242EPSS
Exploits0References27
OSV
OSV
added 2023/09/04 6:36 p.m.7 views

USN-6337-1 linux-azure-5.4 vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS6.9AI score0.00491EPSS
Exploits1References17
OSV
OSV
added 2023/08/31 10:31 p.m.16 views

USN-6331-1 linux-azure vulnerabilities

It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...

7.8CVSS7AI score0.05794EPSS
Exploits4References22
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.3 views

SUSE CVE-2016-5243

The tipcnlcompatlinkdump function in net/tipc/netlinkcompat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...

5.5CVSS6AI score0.00502EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.3 views

SUSE CVE-2017-7541

The brcmfcfg80211mgmttx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted NL80211CMDFRAME Netlink packet...

6.2CVSS6.9AI score0.00547EPSS
Exploits0References10
OSV
OSV
added 2022/11/18 9:16 p.m.10 views

USN-5729-2 linux-gcp-5.15, linux-gke-5.15, linux-intel-iotg, linux-raspi vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an...

7.8CVSS6.9AI score0.00405EPSS
Exploits2References9
BDU FSTEC
BDU FSTEC
added 2022/08/22 12:0 a.m.6 views

The vulnerability in the /net/nfc/netlink.c component of the Linux operating system allows a hacker to cause a service failure.

The vulnerability in the /net/nfc/netlink.c component of the Linux operating system is related to an unintercepted exception. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

5.5CVSS6.4AI score0.00228EPSS
Exploits0References21Affected Software4
OSV
OSV
added 2021/12/27 5:45 a.m.10 views

GSD-2021-1002731 net: netlink: af_netlink: Prevent empty skb by adding a check on len.

net: netlink: afnetlink: Prevent empty skb by adding a check on len. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.10 by commit...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/12/25 12:0 a.m.32 views

SUSE SLES15 Security Update : runc (SUSE-SU-2021:4171-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:4171-1 advisory. Update to runc v1.0.3. CVE-2021-43784: Fixed a potential vulnerability related to the internal usage of netlink, which is believed to not be exploitabl...

6CVSS6.7AI score0.01663EPSS
Exploits1References4
OSV
OSV
added 2020/09/09 4:15 p.m.6 views

UBUNTU-CVE-2020-25211

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...

6CVSS6.7AI score0.00566EPSS
Exploits1References9
OSV
OSV
added 2018/11/26 7:29 p.m.1 views

CVE-2018-14646

The Linux kernel before 4.15-rc8 was found to be vulnerable to a NULL pointer dereference bug in the netlinknscapable function in the net/netlink/afnetlink.c file. A local attacker could exploit this when a net namespace with a netnsid is assigned to cause a kernel panic and a denial of service...

5.5CVSS5.4AI score0.00393EPSS
Exploits0References6
OSV
OSV
added 2017/12/08 12:34 a.m.2 views

USN-3511-1 linux-azure vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16939 It was discovered that the Linux kernel did not...

7.8CVSS6.7AI score0.02841EPSS
Exploits12References3
OSV
OSV
added 2017/12/07 10:33 p.m.2 views

USN-3508-2 linux-hwe vulnerabilities

USN-3508-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsyste...

7.8CVSS6.7AI score0.02841EPSS
Exploits12References4
OSV
OSV
added 2016/05/23 10:59 a.m.2 views

DEBIAN-CVE-2016-4486

The rtnlfilllinkifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message...

3.3CVSS7.3AI score0.0171EPSS
Exploits4References1
OSV
OSV
added 2014/04/27 12:55 a.m.4 views

DEBIAN-CVE-2014-0181

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass intended access restrictions and modify network configurations by using a Netlink socket for the 1 stdou...

2.1CVSS7.7AI score0.00538EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2013/05/09 6:10 p.m.3 views

hypervkvpd: Netlink source address validation allows denial of service

The main function in tools/hv/hvkvpdaemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service daemon exit via a crafted application that sends a Netlink message. NOTE: this vulnerability exists because of an incorrect fix for...

4.9CVSS5.8AI score0.00407EPSS
Exploits1References4
OSV
OSV
added 2012/10/03 11:2 a.m.6 views

CVE-2012-3520

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCMCREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to 1 Avahi or 2 NetworkManager...

5.8AI score
Exploits0References12
Rows per page
Query Builder