Lucene search
K

127 matches found

OSV
OSV
added 2025/07/03 9:15 a.m.3 views

DEBIAN-CVE-2025-38154

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Avoid using sksocket after free when sending The sk-sksocket is not locked or referenced in backlog thread, and during the call to skbsendsock, there is a race condition with the release of sksocket. All types of...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.5 views

kernel: bpf, sockmap: Fix race between element replace and close()

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...

7CVSS6.8AI score0.00173EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/02/27 3:6 a.m.3 views

SUSE CVE-2022-49450

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen setting the bar too high for the prealloc rings AFRXRPC's listen handler lets you set the backlog up to 32 if you bump up the sysctl, but whilst the preallocation circular buffers have 32 slots in them, one of...

5.5CVSS7.5AI score0.00283EPSS
Exploits0References3
OSV
OSV
added 2025/02/26 7:1 a.m.3 views

UBUNTU-CVE-2022-49450

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix listen setting the bar too high for the prealloc rings AFRXRPC's listen handler lets you set the backlog up to 32 if you bump up the sysctl, but whilst the preallocation circular buffers have 32 slots in them, one of...

5.5CVSS5.8AI score0.00283EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.12 views

PT-2025-8623 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been identified, where the tls sk proto close function is executed repeatedly due to an incorrect update of the ctx-sk proto to sock-sk prot by...

7AI score
Exploits0References1
Amazon
Amazon
added 2025/02/21 12:0 a.m.4 views

Medium: nodejs

Issue Overview: A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to...

5.3CVSS7.7AI score0.01327EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2025/02/17 7:21 p.m.4 views

nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap

A vulnerability was found in NodeJS when handling HTTP/2 connections, where the remote peer abruptly closes the socket without sending the proper HTTP/2 notification to the server, leading to a memory leak. This flaw allows an attacker to force the targeted process in the targeted host to an...

5.3CVSS5.8AI score0.01327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/13 4:3 p.m.2 views

nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap

A vulnerability was found in NodeJS when handling HTTP/2 connections, where the remote peer abruptly closes the socket without sending the proper HTTP/2 notification to the server, leading to a memory leak. This flaw allows an attacker to force the targeted process in the targeted host to an...

5.3CVSS5.8AI score0.01327EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close netlink supports iterative dumping of data. It includes the following functions: - start – optional Initiates the dumping process. - dump – The actual dumping process; this...

5.5CVSS6.3AI score0.00235EPSS
Exploits1References3
OSV
OSV
added 2025/02/07 7:15 a.m.4 views

ALPINE-CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS6.7AI score0.01327EPSS
Exploits0References1
OSV
OSV
added 2025/02/07 7:15 a.m.2 views

DEBIAN-CVE-2025-23085

A memory leak could occur when a remote peer abruptly closes the socket without sending a GOAWAY notification. Additionally, if an invalid header was detected by nghttp2, causing the connection to be terminated by the peer, the same leak was triggered. This flaw could lead to increased memory...

5.3CVSS6.5AI score0.01327EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/07 12:0 a.m.4 views

Node.js 安全漏洞

Node.js is an open source, cross-platform JavaScript runtime environment from the Node.js open source. A security vulnerability exists in Node.js versions v18.x, v20.x, v22.x, and v23.x. The vulnerability stems from a memory leak that may occur when a remote peer suddenly closes a socket without...

5.3CVSS6.5AI score0.01327EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2025/01/29 8:0 a.m.4 views

netlink: terminate outstanding dump on socket close

...

5.5CVSS7.1AI score0.00235EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2025/01/10 12:21 a.m.5 views

SUSE CVE-2024-56664

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix race between element replace and close Element replace with a socket different from the one stored may race with socket's close link popping & unlinking. sockmapdelete unconditionally unrefs the wrong element: /...

7CVSS7.7AI score0.00173EPSS
Exploits0References52
RedhatCVE
RedhatCVE
added 2024/12/29 2:31 p.m.8 views

CVE-2024-53210

In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...

6.1CVSS6.5AI score0.00217EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/12/28 3:50 a.m.4 views

SUSE CVE-2024-53210

In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...

5.5CVSS7.5AI score0.00217EPSS
Exploits0References17
OSV
OSV
added 2024/12/27 2:15 p.m.5 views

AZL-55615 CVE-2024-53210 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: s390/iucv: MSGPEEK causes memory leak in iucvsockdestruct Passing MSGPEEK flag to skbrecvdatagram increments skb refcount skb-users and iucvsockrecvmsg does not decrement skb refcount at exit. This results in skb memory leak in...

5.5CVSS6.7AI score0.00217EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/12/05 12:15 a.m.3 views

SUSE CVE-2024-53140

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...

5.5CVSS6.8AI score0.00235EPSS
Exploits1References16
OSV
OSV
added 2024/12/04 3:15 p.m.14 views

AZL-54197 CVE-2024-53140 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...

5.5CVSS6.4AI score0.00235EPSS
Exploits1References1
OSV
OSV
added 2024/12/04 3:15 p.m.8 views

DEBIAN-CVE-2024-53140

In the Linux kernel, the following vulnerability has been resolved: netlink: terminate outstanding dump on socket close Netlink supports iterative dumping of data. It provides the families the following ops: - start - optional kicks off the dumping process - dump - actual dump helper, keeps getti...

5.5CVSS5.8AI score0.00235EPSS
Exploits1References1
Rows per page
Query Builder