Lucene search
K

479 matches found

SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.16 views

SUSE CVE-2026-46186

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe for every event/ACL/SCO/ISO type, without checking that the remaining...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46186

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe for every event/ACL/SCO/ISO type, without checking that the remaining...

5.5CVSS0.00123EPSS
Exploits0References7
Microsoft CVE
Microsoft CVE
added 2026/05/28 8:11 a.m.11 views

slip: bound decode() reads against the compressed packet length

...

8.2CVSS6.5AI score0.00278EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44309

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The virtbt rx handle function in the Bluetooth virtio bt driver fails to validate that the remaining payload length is sufficient to cover the fixed HCI header for the selected packet ty...

9.8CVSS5.9AI score0.03663EPSS
Exploits15References283
OSV
OSV
added 2026/05/27 6:18 p.m.18 views

JLSEC-2026-566 In GnuPG before 2.5.17, a long signature packet length causes parse_signature to return success...

In GnuPG before 2.5.17, a long signature packet length causes parsesignature to return success with sig-data set to a NULL value, leading to a denial of service application crash...

3.7CVSS5.8AI score0.00447EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient validation of the data packet length in the rxercv function. This vulnerability may...

9.1CVSS5.8AI score0.00514EPSS
Exploits0References5
NVD
NVD
added 2026/05/22 4:16 a.m.25 views

CVE-2026-9054

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

9.2CVSS0.00291EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/22 3:21 a.m.14 views

EUVD-2026-31403

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

9.2CVSS5.8AI score0.00291EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.18 views

PT-2026-42721

An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic...

9.2CVSS5.8AI score0.00291EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not redirect packets with invalid pktlen Syzbot identified an issue 1: the fqcodel Drop function attempts to drop a flow without any SKBs, that is, when flow-head is null. The root cause, as described in 2, is that the...

7.8CVSS6.2AI score0.00221EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the ice module, the issue of using an untrusted value of pktlen in the icevcfdirparseRaw function has been fixed. This issue was addressed by checking that the value of pktlen does not exceed the VIRTCHNLMAXSIZERAWPACKET value...

5.5CVSS5.3AI score0.00163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: Check the packet for fixup for true limits. If a device sends a packet that lies between 0 and sizeofu64, the value passed to skbtrim as the packet length will wrap around, resulting in a very large value. The driver...

5.5CVSS6.1AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9k: Avoid reading uninitialized memory in ath9khtcrxmsg. syzbot reports that the uninitialized value is accessed at ath9khtcrxmsg. For ioctlUSBRAWIOCTLEPWRITE, the function ath9khifusbrxstream may call with pktlen = 0, b...

5.9AI score0.00181EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in libslirp

In ncsi.c within libslirp up to 4.3.1, there is an issue of buffer over-reading. This occurs because the program attempts to read a certain amount of header data, even when that amount exceeds the total packet length...

4.3CVSS6.7AI score0.01443EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.9 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021648 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be...

5.5CVSS5.8AI score0.00164EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/19 9:55 p.m.10 views

dnsmasq: Broken ECS source validation bypass

A validation bypass was discovered in dnsmasq's RFC 7871 client subnet ECS handling. When verifying ECS source information in DNS responses, dnsmasq passes the OPT record length instead of the full packet length to the validation function.This causes all internal bounds checks to fail, completely...

5.3CVSS5.8AI score0.02681EPSS
Exploits2References5
SUSE CVE
SUSE CVE
added 2026/05/06 1:42 a.m.11 views

SUSE CVE-2026-31779

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential out-of-bounds read in iwlmvmndmatchinfohandler The memcpy function assumes the dynamic array notif-matches is at least as large as the number of bytes to copy. Otherwise, results-matches may...

8.1CVSS5.8AI score0.00271EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.11 views

PT-2026-36414

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A potential out-of-bounds read exists in the iwl mvm nd match info handler function. The memcpy function assumes the dynamic array notif-matches is at least as large as the number of byt...

8.1CVSS5.3AI score0.00378EPSS
Exploits0References117
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.9 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013755)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013755 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at...

5.6AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013149)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013149 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in...

5.9AI score0.00195EPSS
Exploits0References4
Rows per page
Query Builder