23998 matches found
CVE-2026-43284
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...
ALSA-2026:A005 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xfrm: esp: avoid in-place decrypt on shared skb frags CVE-2026-43284 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
PT-2026-38984
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF subsystem where the check mem access function matches PTR TO BUF via base type, which strips PTR MAYBE NULL. This allows direct dereference of pointers without...
PT-2026-38972
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the BPF verifier where live registers for indirect jumps are not properly marked. Specifically, for a gotox rX instruction, the rX register is not marked as used withi...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with NCI packet parameter validation. This vulnerability may lead to communication failures...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the checkmemaccess function in the BPF module, which matches PTRTOBUF pointers using...
PT-2026-39226
Name of the Vulnerable Software and Affected Versions PgBouncer versions prior to 1.25.2 Description An integer overflow in the network packet parsing code allows an unauthenticated remote attacker to bypass a boundary check. By sending a malformed SCRAM authentication packet, the attacker can...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper clearing of the queue during the process of sending ring reset commands. This...
SUSE CVE-2026-43217
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...
SUSE CVE-2026-43254
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...
RHEL 9 : corosync (RHSA-2026:14211)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14211 advisory. The corosync packages provide the Corosync Cluster Engine and C APIs for Red Hat Enterprise Linux cluster software. Security Fixes: corosyn...
container: pf Rule Injection via Domain Name Argument in `container system dns create --localhost` Command
The container system dns create --localhost command accepts a domainName argument and passes it unsanitized into the pf anchor file /etc/pf.anchors/com.apple.container as a comment in a rule line. A domain name containing a newline character breaks out of the comment context and injects an...
Linux Distros Unpatched Vulnerability : CVE-2026-43254
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multipl...
CVE-2026-43254
A flaw was found in the Linux kernel's handling of OpenVPN ovpn TCP network traffic. This vulnerability occurs when the kernel processes multiple network packets that have been combined into a single stream. An attacker could exploit this by sending specially crafted TCP packets, leading to issue...
CVE-2026-43208
A flaw was found in the Linux kernel's networking component. An incorrect assumption about the size and immutability of the Receive Packet Steering RPS table could lead to an out-of-bounds memory access. This vulnerability, occurring during the computation of flowid in the setrpscpu function, cou...
corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet
A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...
Moderate: Red Hat Security Advisory: corosync security update
An update for corosync is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...
corosync: Corosync: Denial of Service and information disclosure via crafted UDP packet
A flaw was found in Corosync. A remote unauthenticated attacker can exploit a wrong return value vulnerability in the Corosync membership commit token sanity check by sending a specially crafted User Datagram Protocol UDP packet. This can lead to an out-of-bounds read, causing a denial of service...
EUVD-2026-27815
In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpntcprecv, we receive large cloned skbs from strprcv that may contain multiple coalesced packets. The current implementation has two bugs: 1. Head...
EUVD-2026-27635
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing txframes wl1251txpacketcb uses the firmware completion ID directly to index the fixed 16-entry wl-txframes array. The ID is a raw u8 from the completion block, and the callback do...