Lucene search
K

132 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000667 advisory. The caifseqpktrecvmsg function in net/caif/caifsocket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to...

4.9CVSS6.5AI score0.00378EPSS
Exploits0References12
Microsoft CVE
Microsoft CVE
added 2026/01/15 9:2 a.m.4 views

caif: fix integer underflow in cffrml_receive()

...

5.3CVSS5.3AI score0.00173EPSS
Exploits0
OSV
OSV
added 2026/01/13 4:16 p.m.5 views

UBUNTU-CVE-2025-68799

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

5.7AI score0.00173EPSS
Exploits0References38
OSV
OSV
added 2026/01/13 3:29 p.m.4 views

CVE-2025-68799 caif: fix integer underflow in cffrml_receive()

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

6.2AI score0.00173EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68799

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 fr...

7.1AI score0.00173EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992929)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992929 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...

7.8CVSS5.2AI score0.00159EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992672)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992672 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...

7.8CVSS5.2AI score0.00159EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990754 advisory. In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in...

7.8CVSS5.2AI score0.00159EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989468)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989468 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object...

5.5CVSS6AI score0.00226EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387673 advisory. In the Linux kernel, the following vulnerability has been resolved: caifvirtio: fix wrong pointer check in cfvprobe delvqs frees virtqueues, therefore cfv-vqtx point...

5.5CVSS6.2AI score0.002EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-13119

Malicious code in bioql PyPI...

6.3AI score0.00159EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/09/16 6:25 p.m.13 views

CVE-2023-53330

In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrllinkuprequest When linktype is unknown or kzalloc failed in cfctrllinkuprequest, pkt is not released. Add release process to error path...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References4
CVE
CVE
added 2025/09/16 4:12 p.m.24 views

CVE-2023-53330

CVE-2023-53330 : In the Linux kernel, memory leak in cfctrl_linkup_request() can occur when linktype is unknown or kzalloc() fails, as pkt is not released on error. The resolution adds a release path to the error flow, mitigating a potential memory leak in affected code paths. Connected advisorie...

5.5CVSS6.1AI score0.00136EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-47297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: fix uninit-value in caifseqpktsendmsg When nrsegs equal to zero in iovecfromuser, the object msg-msgiter.iov is uninit stack memory in caifseqpktsendmsg...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-47121

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: caif: fix memory leak in cfusbldevicenotify In case of caifenrolldev fail, allocated linksupport won't be assigned to the corresponding structure. So simpl...

5.5CVSS6.1AI score0.0023EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-47122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in caifdevicenotify In case of caifenrolldev fail, allocated...

5.5CVSS5.9AI score0.00228EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN:...

7.8CVSS6.8AI score0.00159EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.7 views

The vulnerability of the cfusbl_create() function in the net/caif/caif_usb.c module, which is part of the Linux kernel’s networking functions, allows a hacker to gain access to protected information.

The vulnerability of the cfusblcreate function in the net/caif/caifusb.c module, which implements kernel networking functions in the Linux operating system, is related to improper memory release before deleting the last reference „memory leak“. Exploiting this vulnerability may allow an attacker ...

5.5CVSS5.9AI score0.0023EPSS
Exploits0References21Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.6 views

The vulnerability of the caif_device_notify() function in the net/caif/caif_dev.c module, which is part of the Linux kernel’s networking functions, allows a hacker to gain access to protected information.

The vulnerability of the caifdevicenotify function in the net/caif/caifdev.c module, which is part of the Linux kernel’s networking functions, stems from improper memory release before deleting the last reference to memory memory leak. Exploiting this vulnerability could allow an attacker to gain...

5.5CVSS5.9AI score0.00228EPSS
Exploits0References21Affected Software1
Microsoft CVE
Microsoft CVE
added 2025/05/05 7:0 a.m.4 views

caif_virtio: fix wrong pointer check in cfv_probe()

...

5.5CVSS7.4AI score0.002EPSS
Exploits0
Rows per page
Query Builder