Lucene search
+L

42 matches found

Vulnrichment
Vulnrichment
added 2026/06/30 4:33 p.m.8 views

CVE-2026-10655 Use-after-free race in SNTP async client when closing the socket while the socket service is still polling it

The asynchronous SNTP client in Zephyr subsys/net/lib/sntp/sntp.c, sntpcloseasync closed the UDP socket file descriptor directly from the calling thread immediately after detaching it from the network socket service, without synchronizing with the socket-service poll thread. The socket service...

6.5CVSS5.8AI score0.00254EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.7 views

SUSE CVE-2026-53184

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an MR cleanup error in rds. This vulnerability may lead to repeated resource release after a...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: rds: Do not hold the sock lock when canceling work from rdstcpresetcallbacks. The syzbot is reporting a lockdep warning at rdstcpresetcallbacks 1. The related commit is ac3615e7f3cffe2a “RDS: TCP: Reduce code duplication in...

5.9AI score0.00248EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/25 4:56 p.m.6 views

SUSE CVE-2026-23331

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.1 views

CVE-2026-23331

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.6AI score0.00121EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/15 5:54 a.m.13 views

OESA-2026-1566 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect...

9.8CVSS6.4AI score0.00468EPSS
Exploits0References74
CVE
CVE
added 2025/12/09 1:29 a.m.22 views

CVE-2023-53825

CVE-2023-53825 affects the Linux kernel’s kcm_sendmsg() for SOCK_DGRAM. A memory-leak in the error path could corrupt the MSG_MORE queue when a partial copy occurs; the fix updates kcm_tx_msg(head)->last_skb and adds purge behavior on failure (like UDP via udp_flush_pending_frames) to avoid qu...

5.8AI score0.00225EPSS
Exploits0References8
OSV
OSV
added 2025/12/09 1:16 a.m.2 views

DEBIAN-CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

5.3AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 12:1 a.m.31 views

CVE-2023-53809 l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

0.00162EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-31921

Malicious code in bioql PyPI...

6.4AI score0.00149EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-24512

Malicious code in bioql PyPI...

8.1CVSS7.9AI score0.00146EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/17 10:46 p.m.6 views

CVE-2025-43359

A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all...

9.8CVSS5.8AI score0.00864EPSS
Exploits0References1
OSV
OSV
added 2025/02/27 2:15 a.m.6 views

AZL-68748 CVE-2024-57974 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

4.7CVSS6.6AI score0.00138EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: tipc: Fixed a use-after-free in the kernel socket during the cleanupbearer function. syzkaller reported a use-after-free of the UDP kernel socket in cleanupbearer. This issue occurred without any reprovisioning. When the...

7.8CVSS6.5AI score0.00238EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 3:54 a.m.10 views

CVE-2024-27273

IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...

8.1CVSS6.4AI score0.00146EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/01 3:47 a.m.5 views

SUSE CVE-2025-21678

In the Linux kernel, the following vulnerability has been resolved: gtp: Destroy device along with udp socket's netns dismantle. gtpnewlink links the device to a list in devnetdev instead of srcnet, where a udp tunnel socket is created. Even when srcnet is removed, the device stays alive on...

5.5CVSS7.6AI score0.0021EPSS
Exploits0References14
OSV
OSV
added 2024/12/27 3:15 p.m.9 views

AZL-55163 CVE-2024-56642 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free of kernel socket in cleanupbearer. syzkaller reported a use-after-free of UDP kernel socket in cleanupbearer without repro. 01 When bearerdisable calls tipcudpdisable, cleanup of the UDP kernel socket is...

7.8CVSS6.4AI score0.00238EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/10 12:0 a.m.22 views

AIX (IJ50935)

The version of AIX installed on the remote host is prior to APAR IJ50935. It is, therefore, affected by a vulnerability as referenced in the IJ50935 advisory. - IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Un...

8.1CVSS5.5AI score0.00146EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/07 8:17 p.m.32 views

CVE-2024-27273 IBM AIX privilege escalation

IBM AIX's Unix domain AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1 datagram socket implementation could potentially expose applications using Unix domain datagram sockets with SOPEERID operation and may lead to privilege escalation. IBM X-Force ID: 284903...

8.1CVSS7.9AI score0.00146EPSS
Exploits0References2
Rows per page
Query Builder