Lucene search
K

9 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT The nfsklookupslowv4 function performs the conntrack lookup for IPv4 packets in order to restore the original 5-tuple in case of SNAT, so that the correct socket if any can be...

5.5CVSS6.2AI score0.00163EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992627 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for...

5.5CVSS6.2AI score0.00163EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2025-11372

Malicious code in bioql PyPI...

7.2AI score0.00163EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2025/04/17 1:33 a.m.1 views

SUSE CVE-2025-22021

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket if any. Then socketmatch can...

2.5CVSS7.7AI score0.00163EPSS
Exploits0References17
NVD
NVD
added 2025/04/16 11:15 a.m.15 views

CVE-2025-22021

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket if any. Then socketmatch can...

5.5CVSS0.00163EPSS
Exploits0References11
OSV
OSV
added 2025/04/16 11:15 a.m.4 views

DEBIAN-CVE-2025-22021

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket if any. Then socketmatch can...

5.5CVSS5.7AI score0.00163EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/16 10:20 a.m.17 views

CVE-2025-22021 netfilter: socket: Lookup orig tuple for IPv6 SNAT

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket if any. Then socketmatch can...

0.00163EPSS
Exploits0References9
CVE
CVE
added 2025/04/16 10:20 a.m.133 views

CVE-2025-22021

Summary (CVE-2025-22021): In the Linux kernel, the IPv6 SNAT path for socket lookups was missing a conntrack-based orig-tuple restoration, causing xt_socket to fail matching on SNATed IPv6 packets. Kubernetes uses IPv6 SNAT for pod-to-world traffic; in such environments, Cilium with Envoy relies ...

5.5CVSS6.5AI score0.00163EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2025/04/16 10:20 a.m.6 views

CVE-2025-22021 netfilter: socket: Lookup orig tuple for IPv6 SNAT

In the Linux kernel, the following vulnerability has been resolved: netfilter: socket: Lookup orig tuple for IPv6 SNAT nfsklookupslowv4 does the conntrack lookup for IPv4 packets to restore the original 5-tuple in case of SNAT, to be able to find the right socket if any. Then socketmatch can...

5.5CVSS6.1AI score0.00163EPSS
Exploits0References14
Rows per page
Query Builder