Lucene search
K

279 matches found

EUVD
EUVD
added 2026/05/01 2:15 p.m.7 views

EUVD-2026-26625

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

5.8AI score0.00123EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.33 views

CVE-2026-43026 netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTAEXPECTNAT absent ctnetlinkallocexpect allocates expectations from a non-zeroing slab cache via nfctexpectalloc. When CTAEXPECTNAT is not present in the netlink message, savedad...

0.00123EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/04/25 1:36 a.m.8 views

SUSE CVE-2026-31671

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...

3.3CVSS5.4AI score0.00114EPSS
Exploits0References17
NVD
NVD
added 2026/04/24 3:16 p.m.5 views

CVE-2026-31671

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...

5.5CVSS0.00114EPSS
Exploits0References8
OSV
OSV
added 2026/04/24 2:45 p.m.1 views

CVE-2026-31671 xfrm_user: fix info leak in build_report()

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References11
EUVD
EUVD
added 2026/04/24 2:45 p.m.6 views

EUVD-2026-25564

In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...

5.3AI score0.00114EPSS
Exploits0References8
CVE
CVE
added 2026/04/24 2:45 p.m.134 views

CVE-2026-31671

The CVE-2026-31671 issue is in the Linux kernel xfrm_user component. A struct xfrm_user_report includes a __u8 proto field followed by a struct xfrm_selector, creating three padding bytes that were never zeroed before copying to userspace. The vulnerability is a information leak caused by these u...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.10 views

PT-2026-35023

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An information leak exists in the build report function within xfrm user. The struct xfrm user report contains a u8 proto field followed by a struct xfrm selector, resulting in three byt...

9.8CVSS5.5AI score0.00443EPSS
Exploits0References495
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013718)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013718 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fsmoveinlinedirents When converting an inline directory to a...

5.6AI score0.00184EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013171 advisory. In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on dataavail and actual data The virtio rng device kicks off a new entro...

5.8AI score0.00177EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011259)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011259 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix leaking uninitialized memory in fast-commit journal When space at the end of fast-commi...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011268 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: storage: Fix memory leak in USB bulk transport A kernel memory leak was identified by the...

6.3CVSS6.5AI score0.01912EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013157)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013157 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the...

5.7AI score0.00188EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011109)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011109 advisory. In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosecchardev: fix kernel data leak from ioctl It is possible to peep kernel...

7.1CVSS6.1AI score0.0017EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010873)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010873 advisory. In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the...

5.7AI score0.00188EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013025 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak Fix a KMSAN...

5.6AI score0.00189EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.10 views

PT-2026-31828

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description A heap use-after-free issue exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. Specifically, within the TLSX KeyShare ProcessPqcHybridClient function in...

6.5CVSS5.8AI score0.00275EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-36457

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An information leak exists when processing Router Advertisements with user options. The kernel constructs an 'RTM NEWNDUSEROPT' netlink message using the nduseroptmsg struct, which...

7.1CVSS5.5AI score0.00117EPSS
Exploits0
OSV
OSV
added 2026/03/13 2:44 p.m.8 views

CLSA-2026-1773413074 Fix CVE(s): CVE-2026-24481

SECURITY UPDATE: heap information disclosure in PSD channel decoder - debian/patches/CVE-2026-24481.patch: initialize pixel buffer with zeros in ReadPSDChannelZip to prevent heap memory disclosure - CVE-2026-24481...

7.5CVSS5.9AI score0.00348EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iio: light: as73211: Ensure buffer holes are zeroed Given that the buffer is copied to a kfifo that can ultimately be read by user space, it is necessary to ensure that the buffer is zeroed...

7.1CVSS6.4AI score0.00162EPSS
Exploits0References3
Rows per page
Query Builder