19 matches found
CVE-2026-43366
A flaw was found in the Linux kernel. A vulnerability exists in the iouring/kbuf component related to buffer recycling. There is a time gap where a buffer list, if empty, could be incorrectly upgraded to a ring-provided type. The legacy recycling mechanism fails to properly check the buffer list'...
CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
UBUNTU-CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-43366 io_uring/kbuf: check if target buffer list is still legacy on recycle
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
CVE-2026-43366
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled, where if the list is empty, someone could've upgraded it to a ring...
Linux Distros Unpatched Vulnerability : CVE-2026-43366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/kbuf: check if target buffer list is still legacy on recycle There's a gap between when the buffer was grabbed and when it potentially gets recycled,...
PT-2026-39027
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the io uring/kbuf component where a gap occurs between grabbing a buffer and its potential recycling. If the buffer list is empty, it may be upgraded to a ring-provided...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the wifi driver mac80211 not properly recycling the skb in the ieee80211dostop function...
UBUNTU-CVE-2024-35834
In the Linux kernel, the following vulnerability has been resolved: xsk: recycle buffer in case Rx queue was full Add missing xskbufffree call when xskrcvzc failed to produce descriptor to XSK Rx queue...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing the driver to prompt for SKB recycling...
SUSE CVE-2010-2227
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service application outage or obtain sensitive information via a crafted header that interferes with "recycling...
jetty: buffer not correctly recycled in Gzip Request inflation
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that ...
openSUSE Security Update : jetty-minimal (openSUSE-2021-12)
This update for jetty-minimal fixes the following issues : - jetty-minimal was upgraded to version 9.4.35.v20201120 - CVE-2020-27218: Fixed an issue where buffer not correctly recycled in Gzip Request inflation bsc1179727. This update was imported from the SUSE:SLE-15-SP2:Update update project. C...
OPENSUSE-SU-2021:0012-1 Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: - jetty-minimal was upgraded to version 9.4.35.v20201120 - CVE-2020-27218: Fixed an issue where buffer not correctly recycled in Gzip Request inflation bsc1179727. This update was imported from the SUSE:SLE-15-SP2:Update update project...
Security update for jetty-minimal (moderate)
openSUSE Security Update: Security update for jetty-minimal Announcement ID: openSUSE-SU-2021:0012-1 Rating: moderate References: 1179727 Cross-References: CVE-2020-27218 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...
SUSE-SU-2020:3922-1 Security update for jetty-minimal
This update for jetty-minimal fixes the following issues: - jetty-minimal was upgraded to version 9.4.35.v20201120 - CVE-2020-27218: Fixed an issue where buffer not correctly recycled in Gzip Request inflation bsc1179727...
GHSA-86WM-RRJM-8WH8 Buffer not correctly recycled in Gzip Request inflation
Impact If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection and if an attacker can send a request with a body that is received entirely by not consumed by the application, then a subsequent request on the same connection will see...
tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service application outage or obtain sensitive information via a crafted header that interferes with "recycling...