178 matches found
CVE-2026-52995
A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS subsystem. This vulnerability allows a local unprivileged user to disclose sensitive kernel memory. When a user queries connection information through getsockoptSOLRDS, RDSINFOIBCONNECTIONS while an RDS connection is not fully...
Linux Distros Unpatched Vulnerability : CVE-2026-53004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the pee...
Linux Distros Unpatched Vulnerability : CVE-2026-52995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to ...
EUVD-2026-38872
In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...
CVE-2026-53004
In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...
CVE-2026-53004 sctp: fix OOB write to userspace in sctp_getsockopt_peer_auth_chunks
In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...
CVE-2026-53004
In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...
CVE-2026-52995
The CVE-2026-52995 issue affects the Linux kernel’s RDS path: rds_for_each_conn_info() and rds_walk_conn_path_info() pass a caller-allocated on-stack buffer to visitors and then copy item_len bytes back to user space, potentially exposing uninitialized stack data. In particular, rds_ib_conn_info_...
CVE-2026-52995 net/rds: zero per-item info buffer before handing it to visitors
In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...
Astra Linux – Vulnerability in Linux, Linux 5.10
A vulnerability, classified as problematic, was discovered in the Linux kernel. This vulnerability affects the tcpgetsockopt/tcpsetsockopt functions of the TCP Handler component. Manipulation of these functions can lead to a race condition. It is recommended that a patch be applied to address thi...
Astra Linux – Vulnerability in Linux, Linux 5.10
A use-after-free read flaw was discovered in the sockgetsockopt function in net/core/sock.c, due to race conditions involving SOPEERCRED and SOPEERGROUPS functions when used with listen and connect in the Linux kernel. In this flaw, an attacker with user privileges could potentially crash the...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
The dotlsgetsockopt function in net/tls/tlsmain.c in the Linux kernel, up to version 6.2.6, lacks a locksock call, resulting in a race condition. This can lead to a use-after-free issue or a NULL pointer dereferencing...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010734)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010734 advisory. A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010753)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010753 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smcsetsockopt and...
Important: kernel
Issue Overview: A vulnerability, which was classified as problematic, was found in Linux Kernel. This affects the function tcpgetsockopt/tcpsetsockopt of the component TCP Handler. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. The identifier...
MiracleLinux 8 : kernel-4.18.0-477.15.1.el8_8 (AXSA:2023-6210:20)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6210:20 advisory. kernel: tls: race condition in dotlsgetsockopt may lead to use-after-free or NULL pointer dereference CVE-2023-28466 Tenable has extracted the preceding...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003974)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003974 advisory. There is a vulnerability in the linux kernel versions higher than 5.2 if kernel compiled with config params CONFIGBPFSYSCALL=y , CONFIGBPF=y , CONFIGCGROUPS=y ,...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000597)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000597 advisory. net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001473)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001473 advisory. A use-after-free read flaw was found in sockgetsockopt in net/core/sock.c due to SOPEERCRED and SOPEERGROUPS race with listen and connect in the Linux kernel. In thi...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002341)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002341 advisory. net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by...