386 matches found
CVE-2026-54399 Apache HttpComponents Core: Unbounded HTTP Header/Line Length in Default Configuration
Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...
CVE-2026-54399
The CVE concerns Apache HttpComponents Core and a vulnerability in the HTTP/1.1 message parser causing memory exhaustion via an excessive number of headers or header length. Affected versions cited in public CVE records include 5.4.2 and earlier and 5.5-beta1 and earlier; a separate vendor-facing...
EUVD-2026-41094
Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core 5.4.2 and earlier, 5.5-beta1 and earlier allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive...
IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN
...
CVE-2026-47692
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, PROXY Protocol v2 header generator emits TLVs beyond the maximum length of 65535 bytes, causing a mismatch between bytes written and the length field in th...
PT-2026-52885
Name of the Vulnerable Software and Affected Versions Envoy versions 1.34.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The PROXY Protocol v2 header generator emits Type-Length-Values TLVs that exceed t...
CVE-2026-53074
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter subsystem. Specifically, the bpfprogtestrunskb function, responsible for testing BPF programs with network packets, did not properly validate the length of IPv4 and IPv6 inputs. This could allow the kernel to attempt to access...
CVE-2026-53176 IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN
In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISERHEADERSLEN In drivers/infiniband/ulp/isert/ibisert.c, isertloginrecvdone computes the login request payload length as wc-bytelen minus ISERHEADERSLEN with no lower bound, and loginreql...
CVE-2026-53176
In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISERHEADERSLEN In drivers/infiniband/ulp/isert/ibisert.c, isertloginrecvdone computes the login request payload length as wc-bytelen minus ISERHEADERSLEN with no lower bound, and loginreql...
EUVD-2026-39267
In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISERHEADERSLEN In drivers/infiniband/ulp/isert/ibisert.c, isertloginrecvdone computes the login request payload length as wc-bytelen minus ISERHEADERSLEN with no lower bound, and loginreql...
CVE-2026-53074
Summary of CVE-2026-53074 (Linux kernel) : The issue occurs in the bpf_prog_test_run_skb() path where the code may access ip_hdr(skb) or ipv6_hdr(skb) for IPv4/IPv6 inputs even when only an Ethernet header is present. If the Ethernet frame carries an IPv4/IPv6 EtherType but the Layer 3 header is ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: Check actuallength before accessing the header. The driver expects to receive a struct gshostframe in gsusbreceivebulkcallback. Use structgroup to describe the header of the struct gshostfram...
CVE-2026-52942
In the Linux kernel, the following vulnerability has been resolved: netfilter: nflog: validate MAC header was set before dumping it The fallback path of dumpmacheader guards the MAC header access only with "skb-macheader != skb-networkheader", without checking skbmacheaderwasset. When the MAC...
EUVD-2026-38712
In the Linux kernel, the following vulnerability has been resolved: netfilter: nflog: validate MAC header was set before dumping it The fallback path of dumpmacheader guards the MAC header access only with "skb-macheader != skb-networkheader", without checking skbmacheaderwasset. When the MAC...
PT-2026-51735
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read issue exists in the netfilter nf log component. The dump mac header function fails to verify if the MAC header was set using skb mac header was set in its fallback...
CVE-2026-10658
A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In btisorecv subsys/bluetooth/host/iso.c, when processing PB=START/SINGLE fragments, the code pulls a TS SDU header 8 bytes, ts=1 or a non-TS SDU header 4 bytes, ts=0 without firs...
CVE-2026-10658 Bluetooth Host ISO RX Missing SDU Header Length Validation in bt_iso_recv() Leads to DoS
A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In btisorecv subsys/bluetooth/host/iso.c, when processing PB=START/SINGLE fragments, the code pulls a TS SDU header 8 bytes, ts=1 or a non-TS SDU header 4 bytes, ts=0 without firs...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mac80211: The issue in ieee80211scanrx involves checking the skb length. This code requires hard-coded compile-time constants for determining the header length check. Instead, a dynamic determination based on the frame type shoul...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv4, ipv6: Fixed the handling of transhdrlen in ip,6appenddata. Including transhdrlen in the packet length is a problem when the packet is partially filled e.g., a sendMSGMORE operation occurred previously when appending to a...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/core: Fixed the ETHP1588 flow dissector. When an PTP Ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, the calculation of the nhoff value is incorrect. For example,...