Lucene search
K

297 matches found

OSV
OSV
added 2026/02/04 4:0 p.m.9 views

CVE-2026-23048 udp: call skb_orphan() before skb_attempt_defer_free()

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

5.1AI score0.00145EPSS
Exploits0References5
EUVD
EUVD
added 2026/02/04 4:0 p.m.4 views

EUVD-2026-5499

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

5.1AI score0.00145EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/04 4:0 p.m.28 views

CVE-2026-23048 udp: call skb_orphan() before skb_attempt_defer_free()

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

0.00145EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.6 views

SUSE CVE-2025-71148

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

4.7CVSS5.3AI score0.0011EPSS
Exploits0References19
NVD
NVD
added 2026/01/23 3:16 p.m.8 views

CVE-2025-71148

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

3.3CVSS0.0011EPSS
Exploits0References4
OSV
OSV
added 2026/01/23 3:16 p.m.6 views

UBUNTU-CVE-2025-71148

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

3.3CVSS5.7AI score0.0011EPSS
Exploits0References27
UbuntuCve
UbuntuCve
added 2026/01/23 3:16 p.m.4 views

CVE-2025-71148

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

3.3CVSS5.9AI score0.0011EPSS
Exploits0References25
CVE
CVE
added 2026/01/23 2:15 p.m.22 views

CVE-2025-71148

CVE-2025-71148 affects the Linux kernel networking code (net/handshake). The issue: handshake_req_submit() overwrites sk->sk_destruct on submission, but does not restore it if an error occurs before hashing, causing handshake_sk_destruct() to return early and leak the socket. The fix is to res...

3.3CVSS5.3AI score0.0011EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/01/23 2:15 p.m.27 views

CVE-2025-71148 net/handshake: restore destructor on submit failure

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

0.0011EPSS
Exploits0References4
OSV
OSV
added 2026/01/23 2:15 p.m.5 views

CVE-2025-71148 net/handshake: restore destructor on submit failure

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

3.3CVSS5.3AI score0.0011EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.9 views

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to restore the socket destructor during submission, potentially leading to socket lea...

3.3CVSS6AI score0.0011EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-71148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruc...

3.3CVSS5.9AI score0.0011EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003107 advisory. The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a...

7.8CVSS7.5AI score0.00404EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: The function tcpbpfsendverdict fails to allocate psock-cork when called, and skmsgfree must be called instead. syzbot reported the following issue: 0 The reproduction of the issue involves the following steps: 1. Load a...

7.8CVSS5.9AI score0.00171EPSS
Exploits2References3
NVD
NVD
added 2026/01/02 3:15 p.m.5 views

CVE-2025-15438

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The...

7.2CVSS0.00386EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/02 2:32 p.m.2 views

CVE-2025-15438 PluXml Media Management medias.php __destruct deserialization

A vulnerability was determined in PluXml up to 5.8.22. Affected is the function FileCookieJar::destruct of the file core/admin/medias.php of the component Media Management Module. Executing a manipulation of the argument File can lead to deserialization. The attack can be launched remotely. The...

5.8CVSS4.7AI score0.00386EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.2 views

PT-2026-6118

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where the standard UDP receive path does not utilize skb-destructor, but the skmsg layer does through a call to skb set owner sk safe from udp read skb...

5.4AI score0.00145EPSS
Exploits0References6
EUVD
EUVD
added 2025/12/24 3:30 p.m.4 views

EUVD-2022-55778

In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflow was IPv6. It is important to use the right destructor to avoid memory leaks with some advanced IPv...

6AI score0.00209EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.4 views

CVE-2022-50783

In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflow was IPv6. It is important to use the right destructor to avoid memory leaks with some advanced IPv...

5.9AI score0.00209EPSS
Exploits0References6
OSV
OSV
added 2025/12/24 1:16 p.m.4 views

UBUNTU-CVE-2022-50783

In the Linux kernel, the following vulnerability has been resolved: mptcp: use proper req destructor for IPv6 Before, only the destructor from TCP request sock in IPv4 was called even if the subflow was IPv6. It is important to use the right destructor to avoid memory leaks with some advanced IPv...

5.7AI score0.00209EPSS
Exploits0References7
Rows per page
Query Builder