Lucene search
K

61 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53262

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a...

7.8CVSS6AI score0.00125EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 12:23 a.m.6 views

CVE-2026-53262

A flaw was found in the Linux kernel's pppol2tp module. This Use-After-Free UAF vulnerability arises from improper handling of session references within the pppol2tpioctl function. A local attacker could exploit this by triggering a race condition during data copying, leading to the dereferencing...

7.8CVSS6AI score0.00125EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53262

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

7.8CVSS0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53262

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53262 l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

7.8CVSS0.00125EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53262

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

7.8CVSS5.7AI score0.00125EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013666)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013666 advisory. In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp...

5.6AI score0.00156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011071)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011071 advisory. In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp...

5.6AI score0.00156EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-53809

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive...

6AI score0.00156EPSS
Exploits0References3
NVD
NVD
added 2025/12/09 1:16 a.m.7 views

CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

0.00156EPSS
Exploits0References5
OSV
OSV
added 2025/12/09 1:16 a.m.2 views

DEBIAN-CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

5.3AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2025/12/09 1:16 a.m.3 views

UBUNTU-CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

5.7AI score0.00156EPSS
Exploits0References8
Cvelist
Cvelist
added 2025/12/09 12:1 a.m.30 views

CVE-2023-53809 l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

0.00156EPSS
Exploits0References5
CVE
CVE
added 2025/12/09 12:1 a.m.14 views

CVE-2023-53809

The CVE-2023-53809 issue affects the Linux kernel where passing a pppol2tp socket as a UDP socket to l2tp_tunnel_register() could trigger a recursive locking deadlock. Root cause: a lock order condition allowed deadlock when a socket path led to nested locking of sk_lock-AF_PPPOX. The advisory no...

5.9AI score0.00156EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/12/09 12:1 a.m.6 views

CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

5.2AI score0.00156EPSS
Exploits0
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the fact that l2tptunnelregister can cause a recursive deadlock when passing pppol2tp file descriptors...

6.2AI score0.00156EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/03/19 12:0 a.m.32 views

Ubuntu: Security Advisory (USN-6700-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.9AI score0.28058EPSS
Exploits16References4
Tenable Nessus
Tenable Nessus
added 2024/03/18 12:0 a.m.61 views

Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6700-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6700-1 advisory. It was discovered that the Layer 2 Tunneling Protocol L2TP implementation in the Linux kernel contained a race condition when releasing...

7.8CVSS7.8AI score0.28058EPSS
Exploits16References8
BDU FSTEC
BDU FSTEC
added 2023/12/20 12:0 a.m.4 views

The vulnerability of the pppol2tp_create() function in the net/l2tp/l2tp_ppp.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information, or to enhance their privileges.

The vulnerability of the pppol2tpcreate function in the net/l2tp/l2tpppp.c module of the Linux kernel is related to concurrent resource access race condition. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected...

6.4CVSS6.5AI score0.0011EPSS
Exploits0References13Affected Software1
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: Kernel: Denial of Service via recursive deadlock in L2TP tunnel registration

A flaw was found in the kernel. A local user can exploit this vulnerability by passing a pppol2tp socket file descriptor as a UDP socket file descriptor during L2TP tunnel registration. This can cause a recursive deadlock, leading to a denial of service DoS on the system...

5.8AI score0.00156EPSS
Exploits0References5
Rows per page
Query Builder