SUSE CVE-2023-53821

In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...

DEBIAN-CVE-2023-53821

In the Linux kernel, the following vulnerability has been resolved: ip6vti: fix slab-use-after-free in decodesession6 When ipv6vti device is set to the qdisc of the sfb type, the cb field of the sent skb may be modified during enqueuing. Then, slab-use-after-free may occur when ipv6vti device sen...

CVE-2023-53821

CVE-2023-53821 pertains to the Linux kernel, addressing a slab-use-after-free in ip6_vti/decode_session6 when an IPv6 vti skb cb field is modified during enqueuing. The vulnerability could enable use-after-free during transmission via vti6_tnl_xmit path; the fix, per the advisory, is to set the s...

EUVD-2023-60049

Nagios Log Server versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Create User function. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...