Lucene search
+L

1098 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iouring: Fixed the issue of releasing pinned pages when iouaddrmap fails. Looking at the error path of iouaddrmap, if we fail to pin the pages for any reason, ret will be set to -EINVAL, and the error handler will not properly...

5.5CVSS6.2AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP does not require that received fragments be cleared from memory after reconnecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted usin...

3.5CVSS7AI score0.05765EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP does not require that all fragments of a frame be encrypted with the same key. An adversary can exploit this weakness to decrypt selected fragments when another device sends fragmented...

2.6CVSS6.8AI score0.02592EPSS
Exploits2References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail of a data structure may have some unexpected side effects if a program uses a helper function like BPFFUNCskbpulldata to read partial content beyond th...

5.5CVSS5.9AI score0.00196EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid infinite loops when trying to resize the local TT. If the MTU of one of the attached interfaces becomes too small to transmit the local translation table, then it must be resized to fit within all fragments when...

5.5CVSS6AI score0.00259EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fixed an issue where stack out-of-bounds reading occurred when fragmenting IPv4 packets. When running openvswitch on kernels built with KASAN, it is possible to observe the following error during the testing of IPv4...

7.1CVSS6.2AI score0.00254EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – decreasing the MHI channel buffer length to 8KB Currently, the buflen field of ath11kmhiconfigqca6390 is set to 0, causing MHI to use the default size of 64KB to allocate channel buffers. This may lead to failures ...

5.5CVSS6AI score0.0021EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: virtio-net: A overflow occurred within the virtnetrqalloc function. When a fragment receives only one page, it may lead to regressions in the virtual machine. This issue is particularly significant if the sysctl...

5.5CVSS6AI score0.00198EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

The fix for XSA-423 added logic to the Linux’ netback driver to handle cases where a packet is split by a frontend, resulting in not all of the headers being together in one piece. Unfortunately, the introduced logic did not account for the extreme case where the entire packet is split into as ma...

7.8CVSS7AI score0.00296EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: fixed a use-after-free in CCMP/GCMP RX. When PN checking is performed in mac80211, for fragmentation purposes, we need to copy the PN into the RX struct so that it can be used later for comparison. This is reflected in...

7.8CVSS6.2AI score0.00242EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.7 views

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1840-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1840-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt...

8.8CVSS6.1AI score0.93235EPSS
Exploits33References7
OSV
OSV
added 2026/05/15 2:2 p.m.8 views

OESA-2026-2334 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

9.8CVSS6AI score0.01335EPSS
Exploits1References10
OSV
OSV
added 2026/05/15 2:2 p.m.11 views

OESA-2026-2332 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

7.5CVSS6AI score0.01263EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 6:26 a.m.3 views

CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS6.8AI score0.92766EPSS
Exploits20References12
Packet Storm News
Packet Storm News
added 2026/05/10 12:0 a.m.20 views

The Authorization-Execution Gap Is a Major Safety and Security Problem in Open-World Agents

This position paper argues that the Authorization-Execution Gap AEG is a major safety and security problem in open-world agents. The AEG is the divergence between what a principal intends to authorize and what an open-world agent ultimately executes. Because such agents act autonomously across...

5.8AI score
Exploits0
OSV
OSV
added 2026/05/08 7:50 p.m.11 views

CLSA-2026-1778261513 Update of alt-php

Miscellaneous Ubuntu changes - Packaging: add tuxcare suffix Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present...

5.8AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/06 1:41 a.m.9 views

SUSE CVE-2026-43036

In the Linux kernel, the following vulnerability has been resolved: net: use skbheaderpointer for TCPv4 GSO fragoff check Syzbot reported a KMSAN uninit-value warning in gsofeaturescheck called from netifskbfeatures 1. gsofeaturescheck reads iph-fragoff to decide whether to clear mangleidfeatures...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References13
RedHat Linux
RedHat Linux
added 2026/05/02 10:26 p.m.2 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS7AI score0.01263EPSS
Exploits0References4
CVE
CVE
added 2026/05/01 8:34 p.m.18 views

CVE-2026-42786

CVE-2026-42786 describes an unbounded memory growth problem in Bandit’s WebSocket fragment reassembly: per-connection iolists accumulate payloads from Continuation frames (fin: false) without a cumulative size cap, while max_frame_size only bounds individual frames. Since accumulation happens bef...

8.7CVSS5.8AI score0.00549EPSS
Exploits0References4
OSV
OSV
added 2026/05/01 8:34 p.m.3 views

CVE-2026-42786 WebSocket fragmented message reassembly unbounded in bandit

Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in 'Elixir.Bandit.WebSocket.Connection':handleframe/3 in lib/bandit/websocket/connection.ex appends every incomi...

8.7CVSS6AI score0.00549EPSS
Exploits0References9
Rows per page
Query Builder