Lucene search
K

992 matches found

OSV
OSV
added 2026/07/02 4:14 p.m.4 views

USN-8501-1 linux vulnerabilities

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-43503 Several security issues...

9.8CVSS7.1AI score0.00563EPSS
Exploits11References15
RedHat Linux
RedHat Linux
added 2026/06/30 11:30 a.m.5 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS7.1AI score0.93235EPSS
Exploits31References6
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2518)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 Tenable has extracted the preceding description block directly...

8.8CVSS7AI score0.93235EPSS
Exploits31References2
OSV
OSV
added 2026/06/24 9:59 a.m.2 views

SUSE-SU-2026:22488-1 Security update for the Linux Kernel RT (Live Patch 20 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-42.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-3150...

9.8CVSS6AI score0.03663EPSS
Exploits25References18
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: skbuff: The SKBFLSHAREDFRAG bit was not properly propagated through the frag-transfer helpers. Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving...

8.8CVSS6.3AI score0.00135EPSS
Exploits7References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.13 views

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-8462-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8462-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS7.2AI score0.96267EPSS
Exploits283References15
OSV
OSV
added 2026/06/22 11:10 a.m.2 views

SUSE-SU-2026:2482-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in fscontext error paths bsc1248235. - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished...

9.8CVSS7.3AI score0.93235EPSS
Exploits53References222
Tenable Nessus
Tenable Nessus
added 2026/06/19 12:0 a.m.7 views

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2026-2430)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating...

8.8CVSS7.1AI score0.96267EPSS
Exploits257References3
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.12 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50318)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50318 advisory. - net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption Muhammad Alifa Ramdhan Orabug: 39543209 CVE-2026-31533 - net: fix fanout UAF...

9.8CVSS6.5AI score0.004EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2026-2425)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 crypto: algifaead - Revert to operating...

8.8CVSS7.1AI score0.96267EPSS
Exploits257References3
GithubExploit
GithubExploit
added 2026/06/11 8:51 p.m.85 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

DirtyFrag CVE-2026-43284 PoC Validation and auditd Detection...

8.8CVSS6AI score0.93235EPSS
Exploits31
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 a.m.11 views

CVE-2026-45329

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in espsecureservices.c and espsecureservicesiram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

7.1CVSS5.4AI score0.00117EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/10 7:46 a.m.11 views

Security Bulletin: IBM Cloud Pak for Data System 1.0 is affected by multiple vulnerabilities

Summary IBM Cloud Pak for Data System 1.0 CPDS 1.0 includes multiple third-party components that are affected by various security vulnerabilities. These vulnerabilities include integer overflow issues in GLib leading to heap corruption and denial of service, a write-what-where condition in the...

9.8CVSS7.4AI score0.93235EPSS
Exploits34Affected Software1
OSV
OSV
added 2026/06/10 12:34 a.m.2 views

CVE-2026-45329 ESF-IDF: Out-of-Bounds Read in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in espsecureservices.c and espsecureservicesiram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References6
CVE
CVE
added 2026/06/10 12:33 a.m.28 views

CVE-2026-45328

The CVE concerns ESF-IDF’s ESP-IDF esp_tee component. In versions 5.5.4 and 6.0, the secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c bridge calls from the REE to TEE-protected peripherals (AES, SHA, ECC, HMAC, SPI, MMU, WDT) and security features (attestation, OTA,...

9.3CVSS5.3AI score0.00126EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/06/10 12:26 a.m.40 views

CVE-2026-45160 ESF-IDF: Out-of-bounds Read in lwIP DHCP Server Option Parser

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parseoptions in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The pars...

6.5CVSS0.00246EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/09 1:49 p.m.30 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS5.9AI score0.03663EPSS
Exploits11References5
RedHat Linux
RedHat Linux
added 2026/06/09 1:49 p.m.5 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
Oracle linux
Oracle linux
added 2026/06/07 12:0 a.m.26 views

Unbreakable Enterprise kernel security update

5.4.17-2136.356.4.2 - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017592 CVE-2025-10263 - arm64: tlb: Add ARM64WORKAROUNDREPEATTLBISYNC Mark Rutland Orabug: 39017592 - ARM: uek: Disable CONFIGQCOMFALKORERRATUM1003 Boris Ostrovsky Orabug: 39017592 - arm64: tlb:...

9.1CVSS5.5AI score0.96267EPSS
Exploits278
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Ubuntu 14.04 LTS / 18.04 LTS : Linux kernel vulnerability (USN-8390-1)

The remote Ubuntu 14.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8390-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Fra...

8.8CVSS6AI score0.93235EPSS
Exploits31References2
Rows per page
Query Builder