Lucene search
K

135 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: clsfw: fix NULL dereference of old filters before change Like pointed out by Sashiko 1, since commit ed76f5edccc9 net: sched: protect filterchain lis...

6AI score0.00172EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53080

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsfw: fix NULL dereference of "old" filters before change Like pointed out by Sashiko 1, since commit ed76f5edccc9 "net: sched: protect filterchain list with filterchainlock mutex" TC filters are added to a shared blo...

0.00172EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a reproduction example for u32classify: Bug:...

7.1CVSS5.7AI score0.00117EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51974

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the cls fw module where TC filters are added to a shared block and published to the datapath before their change function is called. This allows an invalid filter...

5.7CVSS6AI score0.00172EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.12 views

CVE-2026-31924

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP This issue affects Apache APISIX: from 2.99.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

5.3CVSS5.4AI score0.00238EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: sched: clsu32: Undo tcfbindfilter if u32replacehwknode When u32replacehwknode fails, we need to undo the tcf BindFilter operation performed at u32setparms...

5.2AI score0.00181EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

A use-after-free vulnerability in the Linux kernel’s net/sched:clsRoute component can be exploited to achieve local privilege escalation. When the route4change function is called on an existing filter, the entire tcfresult struct is always copied into the new instance of the filter. This creates ...

7.8CVSS6.6AI score0.00565EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.14 views

SUSE SLES15 Security Update : kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1725-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1725-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: -...

7.8CVSS6.9AI score0.96267EPSS
Exploits230References19
OSV
OSV
added 2026/05/07 2:35 a.m.7 views

SUSE-SU-2026:1733-1 Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.103 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

7.8CVSS6.8AI score0.96267EPSS
Exploits230References13
OSV
OSV
added 2026/05/06 12:33 p.m.9 views

SUSE-SU-2026:1718-1 Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during...

7.8CVSS7AI score0.96267EPSS
Exploits230References11
OSV
OSV
added 2026/05/05 2:58 p.m.6 views

SUSE-SU-2026:21505-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting ...

7.8CVSS7AI score0.96267EPSS
Exploits230References11
OSV
OSV
added 2026/05/05 1:7 p.m.4 views

SUSE-SU-2026:21474-1 Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting ...

7.8CVSS6.1AI score0.96267EPSS
Exploits230References11
OSV
OSV
added 2026/05/05 1:7 p.m.7 views

SUSE-SU-2026:21469-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI...

7.8CVSS6.8AI score0.96267EPSS
Exploits230References13
OSV
OSV
added 2026/05/05 1:7 p.m.8 views

SUSE-SU-2026:21508-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI...

7.8CVSS6.8AI score0.96267EPSS
Exploits230References13
CVE
CVE
added 2026/05/01 2:15 p.m.21 views

CVE-2026-43035

The CVE affects the Linux kernel net: sched: cls_api code path tc_chain_fill_node, where tcm_info in struct tcmsg was not initialized, leaking heap memory to userspace via a 4-byte field. The fix zeros tcm_info alongside other initialized fields. Affected/patched details from connected docs: upst...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2026/05/01 2:15 p.m.5 views

CVE-2026-43035

In the Linux kernel, the following vulnerability has been resolved: net: sched: clsapi: fix tcchainfillnode to initialize tcminfo to zero to prevent an info-leak When building netlink messages, tcchainfillnode never initializes the tcminfo field of struct tcmsg. Since the allocation is not zeroed...

5.5CVSS5.7AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/05/01 1:12 p.m.37 views

CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

7.8CVSS7.4AI score0.00258EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/27 10:34 a.m.7 views

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

7.1CVSS5.4AI score0.00117EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/22 8:19 a.m.7 views

kernel: net/sched: cls_u32: use skb_header_pointer_careful()

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

7.1CVSS5.6AI score0.00117EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/14 8:8 a.m.28 views

CVE-2026-31924 Apache APISIX: Plugin tencent-cloud-cls log export uses plaintext HTTP

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP This issue affects Apache APISIX: from 2.99.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

0.00238EPSS
Exploits0References1
Rows per page
Query Builder