Lucene search
K

12634 matches found

RedHat Linux
RedHat Linux
added 2025/08/19 9:59 a.m.7 views

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

7.8CVSS6.8AI score0.00152EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-40217

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HTTP...

5.3CVSS7AI score0.0079EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2025/08/18 3:1 p.m.5 views

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

7.8CVSS6.8AI score0.00152EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/18 2:11 p.m.5 views

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

7.8CVSS6.8AI score0.00152EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/18 12:14 p.m.3 views

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

7.8CVSS6.8AI score0.00152EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/18 12:0 p.m.9 views

kernel: tls: always refresh the queue when reading sock

In the Linux kernel, the following vulnerability has been resolved: tls: always refresh the queue when reading sock After recent changes in net-next TCP compacts skbs much more aggressively. This unearthed a bug in TLS where we may try to operate on an old skb when checking if all skbs in the que...

7.8CVSS6.8AI score0.00152EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/08/18 11:27 a.m.4 views

CVE-2025-38513

In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zdmactxtodev There is a potential NULL pointer dereference in zdmactxtodev. For example, the following is possible: T0 T1 zdmactxtodev / len == skbqueuelenq / while len...

5.5CVSS7.2AI score0.00149EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/18 11:27 a.m.6 views

CVE-2025-38546

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix memory leak of struct clipvcc. ioctlATMARPMKIP allocates struct clipvcc and set it to vcc-userback. The code assumes that vccdestroysocket passes NULL skb to vcc-push when the socket is closed, and then clippush...

5.5CVSS7.3AI score0.00149EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/18 9:24 a.m.5 views

CVE-2025-38552

In the Linux kernel, the following vulnerability has been resolved: mptcp: plug races between subflow fail and subflow creation We have races similar to the one addressed by the previous patch between subflow failing and additional subflow creation. They are just harder to trigger. The solution i...

5.3CVSS6.4AI score0.00146EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/18 9:9 a.m.6 views

CVE-2025-38545

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skbsharedinfo While transitioning from netdevallocipalign to buildskb, memory for the "skbsharedinfo" member of an "skb" was not allocated. Fix this by allocating...

4.4CVSS6.5AI score0.00134EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/08/18 4:58 a.m.4 views

CVE-2025-38532

In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx-doreset is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values...

4CVSS6.2AI score0.00135EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-11584

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it...

5.9CVSS5.5AI score0.00122EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-2735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemon...

7.8CVSS7.6AI score0.00299EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-5929

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components. CVE-2017-5929 Note that Nessus...

9.8CVSS6.5AI score0.07501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-36049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - socket.io-parser before 3.4.1 allows attackers to cause a denial of service memory consumption via a large packet because a concatenation approach is used...

7.5CVSS7.1AI score0.02589EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-5616

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for...

4.9CVSS5.4AI score0.00195EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2025/08/16 11:23 p.m.5 views

SUSE CVE-2025-38513

In the Linux kernel, the following vulnerability has been resolved: wifi: zd1211rw: Fix potential NULL pointer dereference in zdmactxtodev There is a potential NULL pointer dereference in zdmactxtodev. For example, the following is possible: T0 T1 zdmactxtodev / len == skbqueuelenq / while len...

4.7CVSS6.4AI score0.00149EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2025/08/16 11:22 p.m.3 views

SUSE CVE-2025-38524

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recv-recv race of completed call If a call receives an event such as incoming data, the call gets placed on the socket's queue and a thread in recvmsg can be awakened to go and process it. Once the thread has picked up...

5.5CVSS6.3AI score0.00104EPSS
Exploits0References22
RedhatCVE
RedhatCVE
added 2025/08/16 2:24 p.m.9 views

CVE-2025-9036

A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection...

8.5CVSS7.2AI score0.0015EPSS
Exploits0References1
NVD
NVD
added 2025/08/16 12:15 p.m.6 views

CVE-2025-38532

In the Linux kernel, the following vulnerability has been resolved: net: libwx: properly reset Rx ring descriptor When device reset is triggered by feature changes such as toggling Rx VLAN offload, wx-doreset is called to reinitialize Rx rings. The hardware descriptor ring may retain stale values...

5.5CVSS0.00135EPSS
Exploits0References4
Rows per page
Query Builder