757 matches found
CVE-2026-41565 CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers
CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer...
CVE-2026-41565 CryptX versions before 0.088_001 for Perl have a stack buffer overflow in four AEAD decrypt_verify helpers
CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stack buffer...
CVE-2026-46104
In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperms currently dereference sk-sksecurity directly, which assumes the...
SUSE CVE-2026-46007
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA...
Incorrect Authorization
Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via the deprecated twigarraysome, twigarrayevery, and twigcheckarrowinsandbox helper functions. An attacker can bypass the sandbox callback...
CVE-2026-46007
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA...
UBUNTU-CVE-2026-46007
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA...
UBUNTU-CVE-2026-46063
In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...
CVE-2026-46063
In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...
EUVD-2026-32304
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA...
CVE-2026-46007 hwmon: (powerz) Avoid cacheline sharing for DMA buffer
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline with the following mutex. As the buffer may be used for DMA, that is problematic. Use the high-level DMA...
CVE-2026-46007
CVE-2026-46007 targets the Linux kernel hwmon: powerz code, where a DMA transfer buffer may accidentally share a cacheline with a mutex, enabling a cacheline sharing risk for DMA. The issue is mitigated by using the high‑level DMA helpers to ensure no cacheline sharing occurs, and by removing the...
net: skbuff: propagate shared-frag marker through frag-transfer helpers
...
Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50286)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50286 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420559 CVE-2026-46300 Tenable has extracted the preceding...
Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50287)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50287 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420565 CVE-2026-46300 Tenable has extracted the preceding...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50288)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50288 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420568 CVE-2026-46300 Tenable has extracted the preceding...
kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers
A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...
SUSE SLES12 Security Update : openssh (SUSE-SU-2026:2025-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2025-1 advisory. This update for openssh fixes the following issues Tenable has extracted the preceding description block directly from the SUSE security...
Unbreakable Enterprise kernel security update: Fragnesia
6.12.0-202.76.4.4 - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39420559 CVE-2026-46300 - net: skbuff: preserve shared-frag marker during coalescing William Bowling Orabug: 39420559...
CVE-2026-46300
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skbtrycoalesce can attach paged frags from @from to @to. If @from has SKBFLSHAREDFRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backe...