Lucene search
K

13 matches found

EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32384

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

5.9AI score0.00163EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.17 views

CVE-2026-45918

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

5.5CVSS0.00163EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:17 p.m.19 views

UBUNTU-CVE-2026-45918

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.45 views

CVE-2026-45918 ovpn: tcp - don't deref NULL sk_socket member after tcp_close()

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

0.00163EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:17 p.m.31 views

CVE-2026-45918

CVE-2026-45918 concerns a race condition in the Linux kernel related to OpenVPN TCP handling. When a peer is kept alive and later removed, the kernel temporarily places the peer in a release list and detaches from the socket by restoring its proto and socket callbacks. If userspace closes the soc...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/27 12:17 p.m.3 views

CVE-2026-45918 ovpn: tcp - don't deref NULL sk_socket member after tcp_close()

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References6
NVD
NVD
added 2026/05/06 12:16 p.m.48 views

CVE-2026-43216

In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skbmaytxtimestamp skbmaytxtimestamp may acquire sock::skcallbacklock. The lock must not be taken in IRQ context, only softirq is okay. A few drivers receive the timestamp via a dedicated interrupt and comple...

5.5CVSS0.00127EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.10 views

CVE-2026-43216

In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skbmaytxtimestamp skbmaytxtimestamp may acquire sock::skcallbacklock. The lock must not be taken in IRQ context, only softirq is okay. A few drivers receive the timestamp via a dedicated interrupt and comple...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/03 3:15 p.m.2 views

CVE-2026-23436 net: shaper: protect from late creation of hierarchy

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
NVD
NVD
added 2026/02/14 5:15 p.m.6 views

CVE-2026-23179

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmettcplistendataready When the socket is closed while in TCPLISTEN a callback is run to flush all outstanding packets, which in turns calls nvmettcplistendataready with the skcallbacklock held. So we ne...

0.00167EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/14 4:27 p.m.29 views

CVE-2026-23179 nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready()

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmettcplistendataready When the socket is closed while in TCPLISTEN a callback is run to flush all outstanding packets, which in turns calls nvmettcplistendataready with the skcallbacklock held. So we ne...

0.00167EPSS
Exploits0References3
OSV
OSV
added 2024/04/03 5:15 p.m.2 views

DEBIAN-CVE-2024-26731

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in skpsockverdictdataready syzbot reported the following NULL pointer dereference issue 1: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:0x0 ... Call Trac...

5.3CVSS5.8AI score0.00828EPSS
Exploits0References1
OSV
OSV
added 2024/04/03 5:15 p.m.5 views

UBUNTU-CVE-2024-26731

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix NULL pointer dereference in skpsockverdictdataready syzbot reported the following NULL pointer dereference issue 1: BUG: kernel NULL pointer dereference, address: 0000000000000000 ... RIP: 0010:0x0 ... Call Trac...

5.3CVSS5.7AI score0.00828EPSS
Exploits0References7
Rows per page
Query Builder