Lucene search
K

7 matches found

Debian CVE
Debian CVE
added 2026/05/06 7:40 a.m.4 views

CVE-2026-43080

In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...

5.5CVSS5.8AI score0.00122EPSS
Exploits0
OSV
OSV
added 2026/03/18 6:16 p.m.4 views

UBUNTU-CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.5CVSS5.5AI score0.00114EPSS
Exploits0References15
OSV
OSV
added 2026/03/18 5:41 p.m.5 views

CVE-2026-23254 net: gro: fix outer network offset

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References7
CVE
CVE
added 2026/03/18 5:41 p.m.17 views

CVE-2026-23254

CVE-2026-23254 (Linux kernel): The issue affects UDP GRO in the net/ gro path, where the complete stage incorrectly uses the inner network offset when the encapsulation flag is not reliably zeroed by hardware offloads. The root cause is an assumption that all RX-inserted packets have encapsulatio...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:8 p.m.3 views

CVE-2026-23095

In the Linux kernel, the following vulnerability has been resolved: gue: Fix skb memleak with inner IP protocol 0. syzbot reported skb memleak below. 0 The repro generated a GUE packet with its inner protocol 0. gueudprecv returns -guehdr-protoctype for "resubmit" in ipprotocoldeliverrcu, but thi...

5.2AI score0.00239EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:7 p.m.3 views

CVE-2026-23072

In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...

5.2AI score0.00121EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/01/22 12:0 a.m.6 views

The vulnerability of GUE tunneling protocols, related to insufficient verification of the communication channel source, allows attackers to execute attacks such as “substitution of the trusted object”.

The vulnerability of GUE tunneling protocols lies in insufficient verification of the source of the communication channel. Exploiting this vulnerability allows a malicious actor to execute attacks such as “substitution of the trusted object” by sending a specially crafted packet containing two IP...

8.1CVSS6.3AI score0.0081EPSS
Exploits0References4
Rows per page
Query Builder