PT-2026-30411

A race condition during TCP connection teardown can cause tcp recv to operate on a connection that has already been released. If tcp conn search returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcp backlog is full and dereferenced without...

SUSE CVE-2024-49946

In the Linux kernel, the following vulnerability has been resolved: ppp: do not assume bh is held in pppchannelbridgeinput Networking receive path is usually handled from BH handler. However, some protocols need to acquire the socket lock, and packets might be stored in the socket backlog is the...

UBUNTU-CVE-2024-26800

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and cryptoaeaddecrypt returns -EBUSY, tlsdodecryption will wait until all async decryptions have completed. If one of them fails,...

aadetools (>=0.0.3 <=0.0.5), aegea (>=2.0.0 <=2.2.5) +119 more potentially affected by CVE-2021-3572 via pip (>=10.0.0b2 <=21.0.1)

pip PYPI version =10.0.0b2, =0.0.3, =2.0.0, =0.1.2, =0.0.1, =5.1.0, =0.0.1, =0.0.0, =0.0.2, =0.1.0, =0.0.0, =0.1.0.dev1, =0.0.1, =0.0.1, =0.2.3 and more Source cves: CVE-2021-3572 Source advisory: OSV:PYSEC-2021-437...