Lucene search
K

5 matches found

AstraLinux
AstraLinux
added 2026/06/02 3:27 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags The MSGSPLICEPAGES function can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later processes that may modi...

8.8CVSS6.7AI score0.93235EPSS
Exploits31References3
RedHat Linux
RedHat Linux
added 2026/05/20 2:29 p.m.11 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS6.1AI score0.03663EPSS
Exploits11References5
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

TencentOS Server 3: kernel (TSSA-2026:0316)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0316 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.8CVSS6AI score0.93235EPSS
Exploits31References2
Cvelist
Cvelist
added 2026/05/08 7:21 a.m.58 views

CVE-2026-43284 xfrm: esp: avoid in-place decrypt on shared skb frags

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS0.93235EPSS
Exploits31References10
ATTACKERKB
ATTACKERKB
added 2026/05/08 7:21 a.m.32 views

CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS5.7AI score0.93235EPSS
Exploits31References11Affected Software1
Rows per page
Query Builder