144 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53079
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdiscrunend, it operates on the root qdisc. If the...
CVE-2026-53079
A flaw was found in the Linux kernel's networking scheduler netsched. When the network stack cleans up deferred packet lists, if the root queueing discipline qdisc does not implement the TCQFDEQUEUEDROPS flag, packets intended for release are not freed. This can lead to a memory leak, potentially...
Linux Distros Unpatched Vulnerability : CVE-2026-53070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: disable BH before calling udptunnelxmitskb udptunnelxmitskb / udptunnel6xmitskb are expected to run with BH disabled. After commit 6f1a9140ecda add xmit...
EUVD-2026-38947
In the Linux kernel, the following vulnerability has been resolved: netsched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdiscrunend, it operates on the root qdisc. If the root qdisc do not implement the TCQFDEQUEUEDROPS flag the packets que...
CVE-2026-53070
In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udptunnelxmitskb udptunnelxmitskb / udptunnel6xmitskb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...
CVE-2026-53070
The CVE-2026-53070 issue affects the Linux kernel SCTP over UDP path. It concerns the IPv4/IPv6 sctp_udp_xmit code where xmit_skb() execution must occur with BH disabled; after a recursion-limit change, the context could migrate between CPUs, upsetting the dev_xmit_recursion pairing and potential...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: perform a shared-unconfirmed check before segmentation. Ulrich reports a regression with nfqueue: If an application does not set the ‘FGSO’ capability flag, and a gso packet with an unconfirmed nfconn...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: can: dev: fix skb drop check In commit a6d190f8c767 “can: skb: drop txskb if in listen-only mode”, the priv-ctrlmode element is read even on virtual CAN interfaces that do not create the structcanpriv structure during startup. Th...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fixed the XDPTX path. For the XDPTX action in bnxtrxxdp, clearing the event flags is incorrect. The sequence of calls bnxtpollwork - bnxtrxpkt - bnxtrxxdp may involve looping within the NAPI, and some event flags might be...
SUSE CVE-2026-45859
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...
CVE-2026-45952 eth: fbnic: Add validation for MTU changes
In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...
CVE-2026-45859
The CVE-2026-45859 entry describes a Linux kernel netfilter nfnetlink_queue issue where a shared-unconfirmed nf_conn entry is not checked before segmentation, causing UDP packets to be dropped instead of queued when F_GSO is not set and a GSO packet arrives. The regression arose due to the check ...
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...
Malicious code in martinez-polygon-clipping-tony (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dabf04b2f99e28eb10740bd7459bf64513fac98a064b60071b1e7aabf8674dd0 Package name impersonates the legitimate martinez-polygon-clipping library: README, badges, and API surface are copied verbatim, while repository...
SUSE CVE-2026-43296
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky NIX SQ manager sticky mode is known to cause stalls when multiple SQs share an SMQ and transmit concurrently. Additionally, PSE may deadlock on transitions between stick...
CVE-2026-43296
The CVE-2026-43296 case affects the Linux kernel driver octeontx2-af, where the NIX SQ manager sticky mode can stall when multiple SQs share an SMQ and transmit concurrently, and transitions between sticky and non-sticky transmissions can deadlock the PSE, with additional credit drops when clocks...
PT-2026-38938
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the octeontx2-af component where the NIX SQ manager sticky mode can cause stalls when multiple SQs share an SMQ and transmit concurrently. Furthermore, the PSE may...
CVE-2026-43254
A flaw was found in the Linux kernel's handling of OpenVPN ovpn TCP network traffic. This vulnerability occurs when the kernel processes multiple network packets that have been combined into a single stream. An attacker could exploit this by sending specially crafted TCP packets, leading to issue...
CVE-2026-43194
In the Linux kernel, the following vulnerability has been resolved: net: consume xmit errors of GSO frames udpgrofrglist.sh and udpgrobench.sh are the flakiest tests currently in NIPA. They fail in the same exact way, TCP GRO test stalls occasionally and the test gets killed after 10min. These...
CVE-2026-6180
PaperCut MF/NG suffers a race condition in processing badge-swipe data from certain HP devices, under dropped/out-of-order packet conditions. The issue can cause a truncated badge ID to be registered, and in environments with custom badge-ID post-processing scripts, the truncated value may map to...