Lucene search
K

445 matches found

OSV
OSV
added 2026/02/12 11:24 a.m.6 views

USN-8034-1 linux-nvidia-tegra, linux-nvidia-tegra-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS6.8AI score0.00248EPSS
Exploits4References116
OSV
OSV
added 2026/02/12 11:12 a.m.11 views

USN-8033-3 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS7AI score0.00248EPSS
Exploits4References115
OSV
OSV
added 2026/02/12 10:55 a.m.17 views

USN-8033-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS6.9AI score0.00248EPSS
Exploits4References115
Ubuntu
Ubuntu
added 2026/02/12 10:55 a.m.17 views

USN-8033-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS5.9AI score0.00248EPSS
Exploits4
OSV
OSV
added 2026/02/12 10:40 a.m.14 views

USN-8033-1 linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

7.8CVSS6.8AI score0.00248EPSS
Exploits4References115
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Ubuntu 24.04 LTS / 25.10 : Linux kernel vulnerabilities (USN-8014-1)

The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8014-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects...

6.5AI score0.00274EPSS
Exploits1References3
OSV
OSV
added 2026/02/04 6:36 p.m.7 views

USN-8014-1 linux, linux-aws, linux-azure, linux-gcp, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Unix domain sockets; CVE-2025-40019, CVE-2025-40214...

5.9AI score0.00274EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2026/02/04 6:36 p.m.4 views

USN-8014-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Unix domain sockets; CVE-2025-40019, CVE-2025-40214...

5.5AI score0.00274EPSS
Exploits1
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: afunix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unixstreamreadgeneric. The following sequences reproduce the issue: $ python3 from socket import s1, s2 = socketpairAFUNIX, SOCKSTREAM...

7.8CVSS6.5AI score0.00247EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/01/20 8:41 p.m.4 views

CVE-2026-21636

A flaw in Node.js's permission model allows Unix Domain Socket UDS connections to bypass network restrictions when --permission is enabled. Even without --allow-net, attacker-controlled inputs such as URLs or socketPath options can connect to arbitrary local sockets via net, tls, or undici/fetch...

10CVSS6.8AI score0.00663EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/06 3:34 a.m.11 views

CVE-2025-14282

A flaw was found in Dropbear. When running in multi-user mode and authenticating users, the dropbear ssh server does the socket forwardings requested by the remote client as root, only switching to the logged-in user upon spawning a shell or performing some operations like reading the user's file...

6AI score0.00364EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/12/24 1:5 p.m.8 views

CVE-2022-50763

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...

5.6AI score0.00209EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/12/24 12:23 p.m.5 views

CVE-2023-54052

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix skb leak by txs missing in AMSDU txs may be dropped if the frame is aggregated in AMSDU. When the problem shows up, some SKBs would be hold in driver to cause network stopped temporarily. Even if the probl...

5.1AI score0.002EPSS
Exploits0
Hacker One
Hacker One
added 2025/12/15 9:31 a.m.20 views

Node.js: Node.js permission model bypass via unchecked Unix Domain Socket connections (UDS)

A flaw was discovered in Node.js's permission model that allowed Unix Domain Socket UDS connections to bypass network restrictions when --permission was enabled. Even without --allow-net, attacker-controlled inputs could connect to arbitrary local sockets via net, tls, or undici/fetch, breaking t...

10CVSS5.7AI score0.00663EPSS
Exploits1
OSV
OSV
added 2025/12/04 1:15 p.m.2 views

DEBIAN-CVE-2025-40214

In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...

5.2AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/04 12:38 p.m.28 views

CVE-2025-40214 af_unix: Initialise scc_index in unix_add_edge().

In the Linux kernel, the following vulnerability has been resolved: afunix: Initialise sccindex in unixaddedge. Quang Le reported that the AFUNIX GC could garbage-collect a receive queue of an alive in-flight socket, with a nice repro. The repro consists of three stages. 1 1-a. Create a single...

0.00171EPSS
Exploits0References6
CVE
CVE
added 2025/12/04 12:38 p.m.183 views

CVE-2025-40214

CVE-2025-40214 is a Linux kernel vulnerability in AF_UNIX handling where unix_add_edge() fails to initialize vertex->scc_index. This allows unix_vertex_dead() to misjudge that sk-A and sk-B are in the same SCC, risking incorrect dead/GC decisions during in-flight socket GC. The repro and root ...

6AI score0.00171EPSS
Exploits0References7
OSV
OSV
added 2025/12/01 12:0 a.m.2 views

ASB-A-432753641

In unixstreamrecvurg of afunix.c, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.4AI score0.00247EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990851)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990851 advisory. In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data races in unixreleasesock/unixstreamsendmsg A data-race condition has been...

4.7CVSS6AI score0.00186EPSS
Exploits0References4
NVD
NVD
added 2025/10/28 12:15 p.m.4 views

CVE-2025-40080

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 "nbd: verify socket is supported during setup" made sure the socket supported a shutdown method. Explicitel...

0.00183EPSS
Exploits0References5
Rows per page
Query Builder