73855 matches found
kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...
kernel: Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync
A flaw was found in the Linux kernel's Bluetooth Host Controller Interface HCI synchronization. A local user could trigger a stack buffer overflow by binding a specific type of Bluetooth socket with an excessive number of Bluetooth Isochronous Stream BIS entries. This memory corruption can lead t...
CVE-2026-48715
radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, printff copies up to 2032 bytes from attacker-controlled...
GHSA-98M9-HRRM-R99R Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters
Uncontrolled Recursion in NestedParamsEncoder Allows Stack Exhaustion DoS via Deeply Nested Query Parameters Summary Faraday::NestedParamsEncoder, the default nested query parameter encoder/decoder in Faraday, decodes nested query strings without enforcing a maximum nesting depth. A crafted query...
CVE-2026-48715 radvdump's Route Information Option Parser has a Stack Buffer Overflow
radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, printff copies up to 2032 bytes from attacker-controlled...
CVE-2026-48715
radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, printff copies up to 2032 bytes from attacker-controlled...
CVE-2026-51846
In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution...
CVE-2026-51844
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter...
CVE-2026-51843
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter...
CVE-2026-51845
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scs: A wrong parameter was fixed in scsmagic. The scsmagic function requires a void variable, but a struct taskstruct is provided instead. taskscstsk represents the starting address of the task’s shadow call stack, and...
Astra Linux – Vulnerability in Linux 5.15
In the efirtasmwrapper of efi-rt-wrapper.S, there is a possible way to bypass shadow stack protection due to a logical error in the code. This could result in a local escalation of privileges without the need for additional execution privileges. User interaction is not required for exploitation...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Networks: Fixed a stack overflow issue when LRO is disabled for virtual interfaces. When the features of a virtual interface are updated, the updated features are synchronized with its underlying interfaces. This synchronization...
EUVD-2026-38051
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter...
EUVD-2026-38050
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter...
PT-2026-50969
Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow exists in the '/goform/AdvSetMacMtuWan' endpoint. This issue occurs when processing the wanSpeed parameter, which can lead to remote arbitrary code execution. Recommendations At...
EUVD-2026-38049
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter...
CVE-2026-51843
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter...
CVE-2026-51844
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter...
CVE-2026-51845
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter...