Lucene search
K

22 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 9:27 p.m.13 views

CVE-2026-46000

A flaw was found in the Linux kernel's rxrpc component. Security operations that decrypt RESPONSE packets in place may share the socket buffer skbuff with a packet sniffer. This could allow a local attacker or an attacker with network access to intercept and view decrypted portions of these...

5.5CVSS5.9AI score0.00159EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43867

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the rxrpc component regarding connection-level packet handling. Security operations that verify RESPONSE packets decrypt portions of the data in place. If the sk buff...

5.5CVSS5.8AI score0.00159EPSS
Exploits0
NVD
NVD
added 2026/05/23 12:17 p.m.22 views

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

8.8CVSS0.0013EPSS
Exploits7References41
CVE
CVE
added 2026/05/23 11:44 a.m.292 views

CVE-2026-43503

The CVE-2026-43503 entry concerns Linux kernel net/skbuff handling: when frags are moved by frag-transfer helpers (notably __pskb_copy_fclone() and skb_shift()), the SKBFL_SHARED_FRAG flag was not propagated to the destination skb, causing destination pages to remain shared while skb_has_shared_f...

8.8CVSS5.8AI score0.0013EPSS
Exploits7References41Affected Software1
EUVD
EUVD
added 2026/05/23 11:44 a.m.12 views

EUVD-2026-31536

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

5.8AI score0.0013EPSS
Exploits7References7
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.13 views

PT-2026-42878

Name of the Vulnerable Software and Affected Versions Linux Kernel versions 7.1-rc1 through 7.1-rc4 Description A local privilege escalation issue exists in the Linux networking stack skbuff due to the improper propagation of the SKBFL SHARED FRAG marker during fragment transfers. Several functio...

8.8CVSS6.6AI score0.0013EPSS
Exploits7
OSV
OSV
added 2026/05/18 9:6 a.m.5 views

SUSE-SU-2026:21774-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References3
OSV
OSV
added 2026/05/18 8:2 a.m.6 views

SUSE-SU-2026:1959-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

8.8CVSS6.1AI score0.93235EPSS
Exploits47References11
OSV
OSV
added 2026/05/18 4:42 a.m.5 views

SUSE-SU-2026:21806-1 Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References3
OSV
OSV
added 2026/05/17 3:22 p.m.9 views

SUSE-SU-2026:1904-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

8.8CVSS6.1AI score0.93235EPSS
Exploits45References9
OSV
OSV
added 2026/05/14 6:30 a.m.3 views

SUSE-SU-2026:21708-1 Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References3
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

TencentOS Server 3: kernel (TSSA-2026:0316)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0316 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.8CVSS6AI score0.93235EPSS
Exploits31References2
RedhatCVE
RedhatCVE
added 2026/05/11 3:25 a.m.16 views

CVE-2026-43500

A flaw was found in the Linux kernel's RxRPC networking subsystem. When a socket buffer carrying a page-cache reference reaches the RxRPC authentication verification path, the kernel performs an in-place decryption directly on the referenced page without first isolating the buffer. A low-privileg...

7.8CVSS6.1AI score0.92766EPSS
Exploits20References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.12 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-017398)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017398 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
Tenable Nessus
Tenable Nessus
added 2026/05/10 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-017397)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017397 advisory. In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe...

8.8CVSS6AI score0.93235EPSS
Exploits31References4
Microsoft CVE
Microsoft CVE
added 2026/05/09 8:1 a.m.26 views

xfrm: esp: avoid in-place decrypt on shared skb frags

...

8.8CVSS6AI score0.93235EPSS
Exploits31
SUSE CVE
SUSE CVE
added 2026/05/09 2:39 a.m.17 views

SUSE CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS6AI score0.93235EPSS
Exploits31References133
OSV
OSV
added 2026/05/08 7:50 p.m.7 views

CLSA-2026-1778261513 Update of alt-php

Miscellaneous Ubuntu changes - Packaging: add tuxcare suffix Miscellaneous upstream changes - xfrm: esp: avoid in-place decrypt on shared skb frags - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/08 7:23 p.m.7 views

CLSA-2026-1778260978 Update of kernel

xfrm: esp: avoid in-place decrypt on shared skb frags...

5.8AI score
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/08 7:21 a.m.21 views

CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS6AI score0.93235EPSS
Exploits31
Rows per page
Query Builder