Lucene search
K

343 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 8:45 a.m.6 views

CVE-2026-53235

A flaw was found in the Linux kernel's network Generic Receive Offload GRO handling. An attacker sending specially crafted network packets could trigger a bug in the skbgroreceivelist function. This occurs when the system attempts to process network data that is not in the expected linear memory...

7.5CVSS5.9AI score0.00466EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.4 views

SUSE SLES15 Security Update : kernel RT (Live Patch 11 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2503-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2503-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.37 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.6AI score0.0049EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.3 views

SUSE SLES15 Security Update : kernel (Live Patch 23 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2559-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2559-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.100 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.6AI score0.0049EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.5 views

SUSE SLES15: kernel-livepatch-5_14_21-150400_24_200-default / etc (SUSE-SU-2026:2571-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2571-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.200 fixes various security issues The following security issues were fixed: ...

9.8CVSS6.5AI score0.0049EPSS
Exploits8References16
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.5 views

SUSE SLES15 Security Update : kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:2594-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2594-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.52 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.6AI score0.0049EPSS
Exploits8References17
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.3 views

SUSE SLES15 Security Update : kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:2588-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2588-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.81 fixes various security issues The following security issues were fixed: -...

9.8CVSS6.8AI score0.0049EPSS
Exploits8References20
NVD
NVD
added 2026/06/25 9:16 a.m.12 views

CVE-2026-53235

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

7.5CVSS0.00466EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53235

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

8.2CVSS5.7AI score0.00466EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39326

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

5.7AI score0.00466EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.27 views

CVE-2026-53235 net: add pskb_may_pull() to skb_gro_receive_list()

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

7.5CVSS0.00466EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.15 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udpgrocomplete function assumes that all packets inserted into the receive queue have the encapsulation flag set to zero. However, this assumption is not true. Some hardware network cards ca...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: Fixed a memory leak in skbSegmentList for GRO packets When skbSegmentList is called during packet forwarding, it handles packets that were aggregated by the GRO engine. Historically, the segmentation logic in skbSegmentList...

5.5CVSS5.9AI score0.0012EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/22 6:44 a.m.5 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/22 5:29 a.m.5 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.3 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1865)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1865 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 In the Linux kernel, the following vulnerability has...

7.8CVSS6.4AI score0.00353EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

RHEL 9 : kernel (RHSA-2026:27735)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27735 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: libceph: make decodepool more...

9.8CVSS6.6AI score0.00469EPSS
Exploits4References22
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gro: fixed ownership transfer If packets are received using GRO, they may be segmented later on and continue their journey within the stack. In skbSegmentlist, these segments can be reused as they are. This is a problem because...

5.5CVSS6.1AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: veth: The GRO flag is cleared when XDP is disabled, even when the device is disabled. The NETIFFGRO flag is set automatically when XDP is enabled, because both features use the same NAPI mechanism. The logic for clearing the...

5.5CVSS6.3AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: UDP: Do not accept non-tunnel GSO packets that land in a tunnel. When rx-udp-gro-forwarding is enabled, UDP packets may be forwarded in a way that causes them to land in a tunnel. This can lead to various issues. udpgroreceive...

8.8CVSS6.1AI score0.00669EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fixed potential use-after-free in hisifemacrx The skb object is passed to napigroreceive, which may free it. After calling this function, dereferencing the skb object may trigger a use-after-free...

7.8CVSS5.7AI score0.00238EPSS
Exploits0References2
Rows per page
Query Builder