Lucene search
+L

660 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.11 views

AlmaLinux 9 : kernel (ALSA-2026:30848)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:30848 advisory. kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kernel: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach...

9.8CVSS6.6AI score0.00465EPSS
Exploits1References10
AlmaLinux
AlmaLinux
added 2026/06/29 12:0 a.m.8 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/amd/display: Do not skip unrelated mode changes in DSC validation CVE-2026-31488 kernel: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach CVE-2026-43038 kernel: netfilter: flowtabl...

9.8CVSS6.4AI score0.00465EPSS
Exploits1References18
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:14 a.m.2 views

ipv6: fix possible UAF in icmpv6_rcv()

...

9.8CVSS6.1AI score0.00385EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/26 2:13 a.m.7 views

SUSE CVE-2026-53006

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS5.8AI score0.00385EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We onl...

9.8CVSS5.6AI score0.00385EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.9 views

EUVD-2026-38874

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

5.7AI score0.00385EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.36 views

CVE-2026-53006 ipv6: fix possible UAF in icmpv6_rcv()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS0.00385EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:29 p.m.3 views

CVE-2026-53006 ipv6: fix possible UAF in icmpv6_rcv()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We only access &ipv6hdrskb-saddr and &ipv6hdrskb-daddr when netdbgratelimit...

9.8CVSS5.8AI score0.00385EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51900

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF error exists in the IPv6 implementation of the Linux kernel. This issue occurs within the icmpv6 rcv function due to the incorrect caching of source and destination...

9.8CVSS6.2AI score0.00385EPSS
Exploits0References15
CVE
CVE
added 2026/06/19 7:18 p.m.29 views

CVE-2026-48715

CVE-2026-48715 affects the radvddump utility shipped with radvd (prior to v2.21). The issue is a stack buffer overflow in the Route Information option parser: during processing of a crafted ICMPv6 Router Advertisement, print_ff() copies up to 2032 bytes from packet data into a 16-byte on-stack st...

8.8CVSS6.1AI score0.00203EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/16 3:16 p.m.23 views

CVE-2026-10638

subsys/net/ip/icmpv6.c reads the network interface from a netpkt after that packet has been handed to nettrysenddata. In icmpv6handleechorequest and neticmpv6senderror, the post-send statistics update calls netpktifacereply/netpktifacepkt on the just-sent packet. The send path nettrysenddata -...

7.5CVSS0.00352EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 1:16 p.m.34 views

CVE-2026-10638 Use-after-free in Zephyr ICMPv6 RX path when updating statistics after sending an echo reply or error

subsys/net/ip/icmpv6.c reads the network interface from a netpkt after that packet has been handed to nettrysenddata. In icmpv6handleechorequest and neticmpv6senderror, the post-send statistics update calls netpktifacereply/netpktifacepkt on the just-sent packet. The send path nettrysenddata -...

5.9CVSS0.00352EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 1:16 p.m.21 views

CVE-2026-10638

The CVE describes a use-after-free in Zephyr’s ICMPv6 RX path: after sending an ICMPv6 Echo Request or an error, post-send statistics update references net_pkt_iface(reply/pkt) on a packet that may already be freed by net_try_send_data (or by the driver/L2). If CONFIG_NET_TC_TX_COUNT is 0 or the ...

7.5CVSS6.1AI score0.00352EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/16 1:16 p.m.7 views

CVE-2026-10638 Use-after-free in Zephyr ICMPv6 RX path when updating statistics after sending an echo reply or error

subsys/net/ip/icmpv6.c reads the network interface from a netpkt after that packet has been handed to nettrysenddata. In icmpv6handleechorequest and neticmpv6senderror, the post-send statistics update calls netpktifacereply/netpktifacepkt on the just-sent packet. The send path nettrysenddata -...

5.9CVSS6.1AI score0.00352EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/11 7:53 a.m.7 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.4AI score0.00563EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.16 views

RHEL 9 : kernel (RHSA-2026:22940)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22940 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: Make cakeenqueue...

9.8CVSS5.5AI score0.00563EPSS
Exploits0References16
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179178a: Fixed out-of-bounds accesses in RX fixup The ax88179rxfixup function contains several out-of-bounds accesses that can be triggered by a malicious or defective USB device. Specifically: - The metadata array...

7.8CVSS6.2AI score0.00316EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.13 views

openSUSE 16 Security Update : wireshark (openSUSE-SU-2026:20685-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20685-1 advisory. This update for wireshark fixes the following issues - CVE-2026-3201: missing limit checks in USB HID protocol dissector's parsereportdescriptor...

7.8CVSS6.5AI score0.00206EPSS
Exploits34References99
OSV
OSV
added 2026/05/09 12:31 p.m.10 views

OESA-2026-2226 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...

7.8CVSS5.9AI score0.00206EPSS
Exploits37References38
OSV
OSV
added 2026/05/06 12:10 a.m.4 views

SUSE-SU-2026:21559-1 Security update for wireshark

This update for wireshark fixes the following issues - CVE-2026-3201: missing limit checks in USB HID protocol dissector's parsereportdescriptor function can lead to memory exhaustion bsc1258907. - CVE-2026-3203: missing length checks in the RF4CE Profile protocol dissector can lead to illegal...

7.8CVSS6.5AI score0.00206EPSS
Exploits34References67
Rows per page
Query Builder