Lucene search
K

33 matches found

NVD
NVD
added 6 days ago11 views

CVE-2026-53235

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

7.5CVSS0.00466EPSS
Exploits0References4
OSV
OSV
added 6 days ago3 views

UBUNTU-CVE-2026-53235

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

8.2CVSS5.7AI score0.00466EPSS
Exploits0References7
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39326

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

5.7AI score0.00466EPSS
Exploits0References4
CVE
CVE
added 6 days ago7 views

CVE-2026-53235

Summary of technical details (CVE-2026-53235) : The Linux kernel GRO receive path had a bug in skb_gro_receive_list() where skb_pull(skb, skb_gro_offset(skb)) could run without ensuring the data is linear (missing pskb_may_pull() guard). When packets arrive via napi_gro_frags(), skb_headlen can b...

7.5CVSS5.7AI score0.00466EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.1 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: IB/core: A limit has been implemented on the size of the UMAD receive list. The current behavior of ibumad—which maintains received MAD packets in an unbounded list—poses a risk of uncontrolled growth. As user-space applications...

5.5CVSS6.2AI score0.00248EPSS
Exploits0References2
OSV
OSV
added 2026/05/16 12:20 p.m.13 views

CLSA-2026-1778930898 kernel: Fix of CVE-2026-46300

ptrace: require CAPSYSPTRACE when task has no mm - net: udpoffload: propagate SKBFLSHAREDFRAG in skbgroreceivelist CVE-2026-46300...

7.8CVSS6AI score0.03663EPSS
Exploits11References1
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42145)

IB/core: an unbounded UMAD receive list, poses a risk of uncontrolled growth. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504750;...

5.5CVSS6.8AI score0.00248EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990496 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...

5.5CVSS6.1AI score0.00248EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990286)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990286 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...

5.5CVSS6.1AI score0.00248EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/10/29 12:20 a.m.3 views

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

7.1CVSS6.7AI score0.00178EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.0 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986564 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/core: Implement a limit on UMAD receive List The existing behavior of ibumad, which maintains...

5.5CVSS6.1AI score0.00248EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/09/29 5:35 a.m.2 views

kernel: tls: fix handling of zero-length records on the rx_list

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

7.1CVSS6.7AI score0.00178EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2025/09/08 11:22 p.m.3 views

SUSE CVE-2025-39682

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

7CVSS6.4AI score0.00178EPSS
Exploits1References75
Microsoft CVE
Microsoft CVE
added 2025/09/07 8:10 a.m.4 views

tls: fix handling of zero-length records on the rx_list

...

7.1CVSS6.8AI score0.00178EPSS
Exploits1
Debian CVE
Debian CVE
added 2025/09/05 5:20 p.m.3 views

CVE-2025-39682

In the Linux kernel, the following vulnerability has been resolved: tls: fix handling of zero-length records on the rxlist Each recvmsg call must process either - only contiguous DATA records any number of them - one non-DATA record If the next record has different type than what has already been...

7.1CVSS6.1AI score0.00178EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/08/26 11:26 p.m.3 views

SUSE CVE-2024-58239

In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...

7CVSS6.5AI score0.00175EPSS
Exploits2References35
NVD
NVD
added 2025/08/22 2:15 p.m.5 views

CVE-2024-58239

In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...

5.5CVSS0.00175EPSS
Exploits2References7
Cvelist
Cvelist
added 2025/08/22 1:1 p.m.8 views

CVE-2024-58239 tls: stop recv() if initial process_rx_list gave us non-DATA

In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...

0.00175EPSS
Exploits2References7
CVE
CVE
added 2025/08/22 1:1 p.m.50 views

CVE-2024-58239

CVE-2024-58239 affects the Linux kernel TLS receive path. If a non-DATA record remains on the rx_list and another record of the same type is still queued, records can merge, causing incorrect processing: the non-DATA record may be treated as DATA, leading to improper handling. The fix described i...

5.5CVSS6.5AI score0.00175EPSS
Exploits2References7Affected Software1
Debian CVE
Debian CVE
added 2025/08/22 1:1 p.m.3 views

CVE-2024-58239

In the Linux kernel, the following vulnerability has been resolved: tls: stop recv if initial processrxlist gave us non-DATA If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrxlist copies the non-DATA record -...

5.5CVSS5.5AI score0.00175EPSS
Exploits2
Rows per page
Query Builder