49 matches found
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...
FreeBSD Security Advisory - FreeBSD-SA-26:26.ktls
FreeBSD Security Advisory - The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through...
Advisory ROSA-SA-2026-3295
Component: kernel-ml 5.15.208 OS: rosa-server79 Unaffected versions: = kernel-ml-5.15.208-1.0.1.res7 Affected versions: kernel-ml-5.15.208-1.0.1.res7 CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of Linux kernels. A...
Important: kernel-livepatch-5.10.253-252.1016
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-5.10.253-252.1016 Issue Correction: Please ensure you have live patching enabled. Run yum update...
Important: kernel-livepatch-5.10.252-250.1005
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-5.10.252-250.1005 Issue Correction: Please ensure you have live patching enabled. Run yum update...
Important: kernel-livepatch-6.18.25-52.107
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.18.25-52.107 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.83-113.160
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.12.83-113.160 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.83-111.159
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.12.83-111.159 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.73-95.123
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.12.73-95.123 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.1.170-213.321
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.1.170-213.321 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.1.168-202.320
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.1.168-202.320 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.18.8-9.213
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.18.8-9.213 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.1.166-197.305
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.1.166-197.305 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.1.170-210.320
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.1.170-210.320 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.18.20-20.229
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.18.20-20.229 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.79-101.147
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/rds: reset opnents when zerocopy page pin fails CVE-2026-43494 Affected Packages: kernel-livepatch-6.12.79-101.147 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Important: kernel-livepatch-6.12.80-105.147
Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.12.80-105.147 Issue Correction: Please ensure you have live patching enabled...
-authencesn-poc
authencesn-poc Mrowl made by c0redev https://unitdev.run...
Exploit for Write-what-where Condition in Linux Linux_Kernel
Dirty Frag — Kernel Patches Patch series for the Dirty Frag...
JLSEC-2026-403
A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...