Lucene search
K

70 matches found

RedHat Linux
RedHat Linux
added 2025/11/25 6:17 p.m.3 views

kernel: ip6mr: Fix skb_under_panic in ip6mr_cache_report()

A buffer underwrite vulnerability exists in the linux kernel in the function skbunderpanic in ip6mrcachereport, leading to an attacker, via crafting a payload, could result in damage to system availability and integrity...

5.5CVSS7.5AI score0.00178EPSS
Exploits0References5
OSV
OSV
added 2025/11/15 6:38 p.m.4 views

SUSE-SU-2025:4111-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50327: ACPI: processor: idle: Check acpifetchacpidev return value bsc1249859. - CVE-2022-50334: hugetlbfs: fix null-ptr-deref in hugetlbfsparseparam bsc1249857. ...

7.8CVSS6.8AI score0.21314EPSS
Exploits0References366
RedhatCVE
RedhatCVE
added 2025/11/13 2:2 p.m.5 views

CVE-2025-40170

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

7.4CVSS5.9AI score0.00188EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/11/13 1:3 a.m.4 views

ipv6: use RCU in ip6_output()

...

7AI score0.00212EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/11/12 10:23 a.m.4 views

CVE-2025-40158

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...

5.1AI score0.00212EPSS
Exploits0
CNNVD
CNNVD
added 2025/11/12 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ip6output not using RCU to protect dstdevrcu access, which could lead to reuse after release...

6.1AI score0.00212EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989350)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989350 advisory. In the Linux kernel, the following vulnerability has been resolved: erspan: do not assume transport header is always set Rewrite tests in ip6erspantunnelxmit and...

5.5CVSS5.4AI score0.00274EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/17 2:56 p.m.1 views

CVE-2023-53343 icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().

In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP and will be forwarded to an external IP in the IPv6 Ex...

5.8AI score0.00192EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.5 views

PT-2025-46610

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s IPv6 implementation within the ip6 xmit function. The issue stems from a use-after-free condition that can occur due to improper handling of device...

5.2CVSS7.5AI score0.00197EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/08/11 12:0 a.m.8 views

The vulnerability of the netif_rx() function in the net/ipv6/ip6_input.c file of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the netifrx function in the net/ipv6/ip6input.c file of the Linux kernel is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

7CVSS6.2AI score0.00148EPSS
Exploits0References9Affected Software6
OSV
OSV
added 2025/04/24 12:34 p.m.6 views

USN-7455-3 linux-intel-iot-realtime, linux-realtime vulnerabilities

Jann Horn discovered that the watchqueue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service system crash or escalate their privileges. CVE-2022-0995 Several security issues were discovered i...

7.8CVSS6.8AI score0.06197EPSS
Exploits13References13
OSV
OSV
added 2025/02/26 7:1 a.m.11 views

UBUNTU-CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6appenddata Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to sizet. UBSAN: signed-integer-overflow in net/ipv6/ip6output.c:1489:19...

5.5CVSS6.2AI score0.0025EPSS
Exploits0References18
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: A memory leak was fixed when changing the remote IPv6 address. The device stores IPv6 addresses that are used for encapsulation in linear memory, which is managed by the driver. Changing the remote address of...

5.5CVSS6.3AI score0.00218EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/01/15 2:3 p.m.1 views

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059170 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

7.8CVSS8.2AI score0.00352EPSS
Exploits1References12
SUSE Linux
SUSE Linux
added 2025/01/14 5:3 p.m.1 views

Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122194 fixes several issues. The following security issues were fixed: CVE-2022-48686: Fixed UAF when detecting digest errors bsc1226337. CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956...

7.8CVSS7.7AI score0.00352EPSS
Exploits1References12
SUSE Linux
SUSE Linux
added 2025/01/14 3:33 p.m.2 views

Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059150 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637. Patch...

7.8CVSS8.2AI score0.00352EPSS
Exploits1References8
OSV
OSV
added 2024/11/09 11:15 a.m.7 views

AZL-53304 CVE-2024-50257 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in getinfo ip6tablenat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 moduleput+0x6f/0x80 Modules linked in: ip6tablenat- CPU: 1 UID: 0...

7.8CVSS7AI score0.00257EPSS
Exploits0References1
OSV
OSV
added 2024/11/09 11:15 a.m.2 views

DEBIAN-CVE-2024-50252

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumipip: Fix memory leak when changing remote IPv6 address The device stores IPv6 addresses that are used for encapsulation in linear memory that is managed by the driver. Changing the remote address of an ip6gre net...

5.5CVSS5.8AI score0.00218EPSS
Exploits0References1
OSV
OSV
added 2024/10/01 9:5 p.m.12 views

CLSA-2024-1727816710 Fix of 60 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6appenddata CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in ip,6appenddata CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between...

8.4CVSS6.8AI score0.00299EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.4 views

kernel: ipv6: prevent NULL dereference in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References5
Rows per page
Query Builder