PT-2026-39849

Name of the Vulnerable Software and Affected Versions barebox versions prior to 2026.04.0 Description An out-of-bounds read occurs during DHCP option parsing within the dhcp message type function because the software fails to verify that the options pointer remains within the received packet...

UBUNTU-CVE-2026-43421

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysfs links and null pointer dereference problems. A prior attempt to sol...

CVE-2026-43421

The CVE affects the Linux kernel USB gadget for Network Control Model (NCM) where a net_device could outlive its parent gadget during disconnection, causing dangling sysfs links and potential null dereference. The root cause was lifecycle mismanagement of net_device during USB bind/unbind, addres...

Linux Distros Unpatched Vulnerability : CVE-2026-43421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fncm: Fix netdevice lifecycle with devicemove The network device outlived its parent gadget device during disconnection, resulting in dangling sysf...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: uboot-tools (UTSA-2026-016520)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016520 advisory. Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 3861aa5 up to today on any platform allows an attacker on the local...

RHCOS 4 : OpenShift Container Platform 4.7.19 (RHSA-2021:2555)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2555 advisory. - polkit: local privilege escalation using polkitsystembusnamegetcredssync CVE-2021-3560 - dhcp: stack-based buffer overflow when...

CVE-2026-39849

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

CVE-2026-39849

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

EUVD-2026-27498

Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the dns.interface configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into the generated...

CVE-2026-39849

Pi-hole FTL before version 6.6.1 is vulnerable to a newline-injection in the dns.interface configuration field. The field accepts newlines without validation, allowing a network-adjacent attacker to inject arbitrary directives into the generated dnsmasq configuration. On systems with no admin pas...

PT-2026-37240

Name of the Vulnerable Software and Affected Versions Pi-hole FTL versions prior to 6.6.1 Description The dns.interface configuration field in Pi-hole FTL accepts newline characters without validation, which allows an attacker to inject arbitrary directives into the generated dnsmasq configuratio...

Astra Linux - уязвимость в edk2

EDK2’s Network Package is vulnerable to a out-of-bounds read vulnerability when processing the IANA or IATA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of confidentiality...

Astra Linux - уязвимость в edk2

EDK2’s Network Package is vulnerable to a buffer overflow vulnerability due to the long server ID option in DHCPv6 clients. This vulnerability can be exploited by an attacker to gain unauthorized access and may result in a loss of confidentiality, integrity, and/or availability...

Astra Linux - уязвимость в systemd

There is an exploitable denial-of-service vulnerability in Systemd 245. A specially crafted DHCP FORCERENEW packet can expose a server running the DHCP client to a DHCP ACK spoofing attack. An attacker can forge a pair of FORCERENEW and DCHP ACK packets to reconfigure the server...

CVE-2026-42511 Remote code execution via malicious DHCP options

The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...

CVE-2026-42511 Remote code execution via malicious DHCP options

The BOOTP file field is written to the lease file without escaping embedded double-quotes, allowing injection of arbitrary dhclient.conf directives. When the lease file is subsequently re-parsed by dhclient, e.g., after a system restart, an attacker-controlled field from the lease is passed to...

RHEL 9 : ovn23.09 (RHSA-2026:11698)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11698 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...

CVE-2026-7424 Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...

CVE-2026-7424 Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...

EUVD-2026-26277

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...