Lucene search
K

790 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-53227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: openvswitch: fix possible kfreeskb of ERRPTR After the patch in the Fixes tag, the allocation of the reply skb can happen either before or after locking th...

5.5CVSS6AI score0.00136EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 8:45 a.m.5 views

CVE-2026-53227

A flaw was found in the Linux kernel's Open vSwitch OVS component. This issue occurs due to incorrect error handling during the allocation of a 'reply' skb socket buffer after locking the ovsmutex. If the allocation fails, an invalid pointer may be passed to kfreeskb, leading to a system crash an...

5.5CVSS5.7AI score0.00136EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:39 a.m.9 views

CVE-2026-53227

CVE-2026-53227 affects the Linux kernel net/openvswitch path. The issue arises when allocating the reply skb after taking ovs_mutex, where an error path can leave the skb with an ERR_PTR and later free it during cleanup, leading to a possible invalid free. The fix sets the pointer to NULL after s...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References8Affected Software1
Amazon
Amazon
added 2026/06/22 12:0 a.m.11 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey CVE-2026-45838 In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec...

9.8CVSS6.4AI score0.00559EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: openvswitch: Fixed an issue where stack out-of-bounds reading occurred when fragmenting IPv4 packets. When running openvswitch on kernels built with KASAN, it is possible to observe the following error during the testing of IP...

7.1CVSS6.4AI score0.00254EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

A vulnerability was reported in the Open vSwitch sub-component of the Linux kernel. The flaw occurs when a recursive operation of the code push calls into the code block recursively. The OVS module does not validate the stack depth, causing too many frames to be pushed onto the stack, leading to ...

5.5CVSS6.7AI score0.0027EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: rejecting negative ifindex values Recent changes in net-next commit 759ab1edb56c refactored the handling of pre-assigned ifindex values. This led to a latent issue in ovs. ovs does not validate ifindex values,...

5.9AI score0.00203EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in OpenVSwitch

A flaw was discovered in Open vSwitch, where multiple versions are vulnerable to crafted Geneve packets, which may lead to a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...

7.5CVSS6.7AI score0.01033EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in OpenVSwitch

A flaw was discovered in Open vSwitch, allowing ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may enable a local attacker to create specially crafted packets with a modified or spoofed target IP address field, which can redirect ICMPv6 traffic...

7.1CVSS6.7AI score0.00389EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in OpenVSwitch

An out-of-bounds read in the Organization-Specific TLV was found in various versions of OpenvSwitch...

9.8CVSS7.2AI score0.01324EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 8:37 a.m.4 views

OPENSUSE-SU-2026:20972-1 Security update for openvswitch

This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498. - CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing bsc1262499. - CVE-2026-34956: Invalid memory access in conntrack FTP alg bsc1261273. Changes for...

8.6CVSS6.1AI score0.00868EPSS
Exploits0References6
OSV
OSV
added 2026/06/11 12:0 a.m.11 views

ALSA-2026:25217 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount CVE-2026-23216 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel:...

9.8CVSS5.5AI score0.00563EPSS
Exploits0References24
RedhatCVE
RedhatCVE
added 2026/06/10 9:27 p.m.11 views

CVE-2026-36499

A flaw was found in Open vSwitch. A missing upper-bound check in udpifsetthreads allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads, causing resource exhaustion and denial of service. Reported against Open vSwitch v3.6.90; affects...

6.5CVSS5.7AI score0.00328EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/06 2:48 a.m.8 views

SUSE CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

6.5CVSS5.4AI score0.00328EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-36499

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of...

6.5CVSS5.5AI score0.00328EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 7:16 p.m.14 views

CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

6.5CVSS0.00328EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 7:16 p.m.5 views

DEBIAN-CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

6.5CVSS5.4AI score0.00328EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 12:0 a.m.28 views

CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

0.00328EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 12:0 a.m.8 views

CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

5.8AI score0.00328EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 12:0 a.m.6 views

CVE-2026-36499

A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...

5.8AI score0.00328EPSS
Exploits0References3
Rows per page
Query Builder