Lucene search
+L

279 matches found

osv
osv
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-365 TigerVNC accessible via the network and not just via a UNIX socket as intended

Summary jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by jupyter-remote-desktop-proxy were still accessible via the network. This vulnerability does not affect users having...

9CVSS5.8AI score0.00904EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/06/25 11:7 p.m.5 views

CVE-2026-53034

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF and sockmap components, specifically within the afunix socket operations. A race condition occurs during the connection process where a socket's state is updated before its peer is fully assigned. This timing issue can lead to a...

7CVSS5.8AI score0.00128EPSS
Exploits0References4
nessus
nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53035

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf, sockmap: Fix afunix iter deadlock bpfiterunixseqshow may deadlock when locksockfast takes the fast path and the iter prog attempts to update a sockmap...

5.5CVSS6.2AI score0.00095EPSS
Exploits0References3
euvd
euvd
added 2026/06/24 6:32 p.m.7 views

EUVD-2026-38901

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

5.7AI score0.00135EPSS
Exploits0References7
osv
osv
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53035 bpf, sockmap: Fix af_unix iter deadlock

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix afunix iter deadlock bpfiterunixseqshow may deadlock when locksockfast takes the fast path and the iter prog attempts to update a sockmap. Which ends up spinning at sockmapupdateelem's bhlocksock: WARNING:...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References9
osv
osv
added 2026/06/24 4:29 p.m.3 views

CVE-2026-53033 bpf, sockmap: Take state lock for af_unix iter

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

7.8CVSS5.8AI score0.00135EPSS
Exploits0References12
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: AppArmor: Fixed the issue where NULL sock was used in aasockfileperm. Consider the possibility that sock and sock-sk could become NULL during socket setup or tear-down. This could lead to an error. The fix for NULL pointer...

5.5CVSS5.7AI score0.0016EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/24 7:14 a.m.35 views

CVE-2026-52928 af_unix: Reject SIOCATMARK on non-stream sockets

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

0.00114EPSS
Exploits0References7
osv
osv
added 2026/06/24 7:14 a.m.4 views

CVE-2026-52928 af_unix: Reject SIOCATMARK on non-stream sockets

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References10
osv
osv
added 2026/06/19 8:46 p.m.12 views

GHSA-P86G-XRR2-PF7C CoreWCF: Pre-authentication infinite-loop CPU exhaustion in CoreWCF net.tcp / net.pipe / net.uds framing handshake

Impact An unauthenticated remote attacker can pin one server thread‑pool worker at 100 % CPU per connection. With a few connections, the CPU usage can be exhausted. Preconditions An attacker being able to reach a service which is exposing an endpoint using one of NetTcpBinding, NetNamedPipeBindin...

7.5CVSS5.9AI score0.00476EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/08 12:0 a.m.15 views

PT-2026-47581

netty unix socket recvFd sets msg control to char controlCMSG SPACEsizeofint line 940 — 24 bytes on 64-bit Linux. A peer-sent SCM RIGHTS cmsg carrying two ints has cmsg len = CMSG LEN8 = 24, which fits exactly with no MSG CTRUNC, so the kernel installs both fds in the receiving process. The...

4CVSS5.5AI score
Exploits0References5
redhat
redhat
added 2026/06/03 2:53 p.m.3 views

postgresql: PostgreSQL: Denial of Service via uncontrolled recursion in SSL/GSS negotiation

A flaw was found in PostgreSQL. Uncontrolled recursion during SSL Secure Sockets Layer and GSS Generic Security Service negotiation allows an attacker to achieve a sustained denial of service. This can be exploited by an attacker with access to a PostgreSQL AFUNIX socket. If SSL and GSS are both...

7.5CVSS6.9AI score0.00471EPSS
Exploits0References5
github
github
added 2026/05/28 7:55 p.m.15 views

nono: Sandbox escape on Linux via D-Bus: `systemd-run --user`

Summary The nono Landlock/seccomp policies allow access to local Unix domain sockets concrete and abstract. This allows an easy sandbox escape by talking to the per-user systemd dbus socket. Threat scenario: Running Aider, Claude Code, OpenCode or similar tools with "allow bash" policy so that it...

6AI score0.00012EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/05/27 3:33 p.m.10 views

EUVD-2026-32314

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aasockfileperm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unixneedsrevalidation shows...

5.7AI score0.0016EPSS
Exploits0References9
nvd
nvd
added 2026/05/27 2:16 p.m.19 views

CVE-2026-45848

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aasockfileperm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unixneedsrevalidation shows...

5.5CVSS0.0016EPSS
Exploits0References8
osv
osv
added 2026/05/27 12:16 p.m.2 views

CVE-2026-45887 af_unix: Fix memleak of newsk in unix_stream_connect().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

5.5CVSS5.8AI score0.00153EPSS
Exploits0References6
cvelist
cvelist
added 2026/05/27 12:15 p.m.42 views

CVE-2026-45848 apparmor: fix NULL sock in aa_sock_file_perm

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aasockfileperm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unixneedsrevalidation shows...

0.0016EPSS
Exploits0References8
cve
cve
added 2026/05/27 12:15 p.m.34 views

CVE-2026-45848

The CVE-2026-45848 issue affects the Linux kernel AppArmor component, where NULL sock or sock-sk can occur during socket setup/teardown, potentially causing a NULL pointer dereference and a kernel oops (DoS) for af_unix sockets. Root cause is dereferencing NULL during socket operations; impact is...

5.5CVSS5.7AI score0.0016EPSS
Exploits0References8Affected Software1
osv
osv
added 2026/05/27 12:15 p.m.2 views

CVE-2026-45848 apparmor: fix NULL sock in aa_sock_file_perm

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aasockfileperm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unixneedsrevalidation shows...

5.5CVSS5.9AI score0.0016EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/05/27 12:0 a.m.12 views

PT-2026-43715

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the AppArmor module. Specifically, the aa sock file perm function does not properly handle cases where sock and sock-sk can be NULL during socket set...

5.7CVSS5.4AI score0.0016EPSS
Exploits0
Rows per page
Query Builder