11 matches found
SUSE CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-6331
CVE-2026-6331 describes an HMAC zero-length tag forgery in EVP_DigestVerifyFinal. The OpenSSL-compatibility HMAC verify path allowed a zero-length or truncated tag to pass because the signature length check only ensured it did not exceed the MAC length. The fixed behavior now requires the supplie...
CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
UBUNTU-CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238 netlabel: validate unlabeled address and mask attribute lengths
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238
CVE-2026-53238 affects the Linux kernel netlabel/privacy path in netlbl_unlabel_addrinfo_get, where the address attribute length was used to infer IPv4/IPv6 data but the corresponding mask length was not independently validated. A crafted Generic Netlink request could supply a valid IPv4/IPv6 add...
PT-2026-52333
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netlabel component where the netlbl unlabel addrinfo get function fails to independently validate the length of the mask attribute. While the function uses the...
SUSE CVE-2025-38310
In the Linux kernel, the following vulnerability has been resolved: seg6: Fix validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not exceed the specified length. This can lead to the kernel reading uninitialized memory if user space...
UBUNTU-CVE-2025-38310
In the Linux kernel, the following vulnerability has been resolved: seg6: Fix validation of nexthop addresses The kernel currently validates that the length of the provided nexthop address does not exceed the specified length. This can lead to the kernel reading uninitialized memory if user space...
PT-2025-29030
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contained a flaw in the seg6 module where the validation of nexthop addresses was insufficient. The kernel validated that the length of the provided nexthop address di...