297 matches found
kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftinner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset innerthoff becomes desynchronized from the Layer 4 protocol l4proto. A remot...
CVE-2026-48743
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete at the transport layer HEADERS with FIN / headers-only close but still carries a nonzero...
CVE-2026-48743
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete at the transport layer HEADERS with FIN / headers-only close but still carries a nonzero...
GO-2026-5180 Traefik has an StripPrefixRegex Middleware Authorization Bypass via Path/RawPath Desync in github.com/traefik/traefik
Traefik has an StripPrefixRegex Middleware Authorization Bypass via Path/RawPath Desync in github.com/traefik/traefik...
Linux Distros Unpatched Vulnerability : CVE-2026-54388
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content- Length headers with differing values, forwarding all...
DEBIAN-CVE-2026-54388
Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing values, forwarding all duplicate headers to the backend while using the first value to determine how many request body bytes to consume. Remote attackers can...
CVE-2026-0068
In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...
CVE-2026-0068
In Android, CVE-2026-0068 affects PackageInstallerService.java (createSessionInternal). The vulnerability enables a local attacker to remove a DPC app from a managed device without DO consent due to persistence desync, potentially causing local elevation of privilege if a malicious app is install...
CVE-2026-0068
In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...
PT-2026-50231
In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...
CVE-2026-28580
In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-28578
In multiple functions of DevicePolicyManagerService.java, there is a possible desync from persistence due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
netfilter: nft_inner: Fix IPv6 inner_thoff desync
...
SUSE CVE-2026-46244
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...
EUVD-2026-34106
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...
CVE-2026-46244
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...
CVE-2026-46244
The CVE-2026-46244 issue affects the Linux kernel netfilter nft_inner path. In nft_inner_parse_l2l3(), while handling inner IPv6 packets, ipv6_find_hdr() computes the transport header offset correctly across extension headers, but the code later overwrites this value with nhoff + sizeof(_ip6h) (4...
CVE-2026-46244 netfilter: nft_inner: Fix IPv6 inner_thoff desync
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...