200 matches found

CNNVD
added 2025/09/17 12:0 a.m. · 4 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly handling the rt6i_idev pointer to ip6_null_entry, which could result in a null pointer dereference...

CVSS 5.5 · AI score 5.8 · EPSS 0.00192
Exploits: 0 · References: 8
OSV
added 2025/08/16 12:15 p.m. · 2 views

UBUNTU-CVE-2025-38550

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Delay put pmc->idev in mld_del_delrec(). pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec() does, the reference should be put after ip6_mc_clear_src() return...

CVSS 7.8 · AI score 6.5 · EPSS 0.00144
Exploits: 0 · References: 39
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. · 2 views

Malicious code in @zalastax/nolb-ip6 (npm)

The package @zalastax/nolb-ip6 was found to contain malicious code...

AI score 7
Exploits: 0
OSV
added 2025/08/14 6:52 p.m. · 1 views

MAL-2025-12041 Malicious code in @zalastax/nolb-ip6 (npm)

The package @zalastax/nolb-ip6 was found to contain malicious code...

AI score 7.2
Exploits: 0
RedhatCVE
added 2025/05/22 6:2 a.m. · 6 views

CVE-2018-9389

In ip6_append_data of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · AI score 7.7 · EPSS 0.00106
Exploits: 0 · References: 1
Snyk
added 2025/04/21 1:40 a.m. · 2 views

Improper Validation of Specified Quantity in Input

Overview: Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the flowspec parser in bgp.go. An attacker can cause an application crash by sending fewer than 20 bytes as EC_SUBTYPE_FLOWSPEC_REDIRECT_IP6 data. Details: Denial of Service (DoS) describes...

CVSS 8.2 · AI score 7.1 · EPSS 0.00462
Exploits: 0 · References: 2
RedHat Linux
added 2025/04/16 3:19 a.m. · 3 views

kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()

In the Linux kernel, the following vulnerability has been resolved: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action(). syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must always be checked. [1] Oops: general...

CVSS 5.5 · AI score 6.4 · EPSS 0.00289
Exploits: 0 · References: 4
SUSE CVE
added 2025/02/27 3:2 a.m. · 4 views

SUSE CVE-2022-49727

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg. When len >= INT_MAX - transhdrlen, ulen = len + transhdrlen will be overflow. To fix, we can follow what udpv6 does and subtract the transhdrlen from the max...

CVSS 6.6 · AI score 7 · EPSS 0.00272
Exploits: 0 · References: 4
SUSE CVE
added 2025/02/27 3:2 a.m. · 5 views

SUSE CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in __ip6_append_data. Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to size_t. UBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19...

CVSS 6.6 · AI score 7.8 · EPSS 0.00249
Exploits: 0 · References: 5
OSV
added 2025/02/26 7:1 a.m. · 2 views

DEBIAN-CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in __ip6_append_data. Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to size_t. UBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19...

CVSS 5.5 · AI score 5.7 · EPSS 0.00249
Exploits: 0 · References: 1
OSV
added 2025/02/26 7:1 a.m. · 2 views

UBUNTU-CVE-2022-49727

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg. When len >= INT_MAX - transhdrlen, ulen = len + transhdrlen will be overflow. To fix, we can follow what udpv6 does and subtract the transhdrlen from the max...

CVSS 5.5 · AI score 6.2 · EPSS 0.00272
Exploits: 0 · References: 11
Debian CVE
added 2025/02/26 2:24 a.m. · 6 views

CVE-2022-49727

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg. When len >= INT_MAX - transhdrlen, ulen = len + transhdrlen will be overflow. To fix, we can follow what udpv6 does and subtract the transhdrlen from the max...

CVSS 5.5 · AI score 5.5 · EPSS 0.00272
Exploits: 0
CNNVD
added 2025/02/26 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a signed integer overflow in the __ip6_append_data function...

CVSS 5.5 · AI score 6.7 · EPSS 0.00249
Exploits: 0 · References: 4
AstraLinux
added 2025/02/11 7:35 a.m. · 6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved:
- In the net subsystem, do not delay the execution of dst_entries_add() within dst_release().
- dst_entries_add() uses data per-core that might be freed during the dismantling of ip6_route_net_exit(), by calling dst_entries_destroy(). Before...

CVSS 7 · AI score 6.9 · EPSS 0.00239
Exploits: 0 · References: 3
Positive Technologies
added 2025/01/18 12:0 a.m. · 5 views

PT-2025-1339 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: In the ip6_append_data function of ip6_output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to a local privilege escalation...

CVSS 7.8 · AI score 9.1 · EPSS 0.00106
Exploits: 0 · References: 3
SUSE Linux
added 2025/01/17 8:3 p.m. · 1 views

Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005573 fixes several issues. The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637)...

CVSS 7.8 · AI score 8 · EPSS 0.00352
Exploits: 1 · References: 16
SUSE Linux
added 2025/01/16 5:33 p.m. · 5 views

Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024116 fixes several issues. The following security issues were fixed:
- CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (bsc#1233712).
- CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637)...

CVSS 7.8 · AI score 8.7 · EPSS 0.00757
Exploits: 2 · References: 118
OSV
added 2024/12/29 12:15 p.m. · 3 views

UBUNTU-CVE-2024-56751

In the Linux kernel, the following vulnerability has been resolved: ipv6: release nexthop on device removal. The CI is hitting some aperiodic hangup at device removal time in the pmtu.sh self-test: unregister_netdevice: waiting for vethA-R1 to become free. Usage count = 6 ref_tracker:...

CVSS 5.5 · AI score 6.2 · EPSS 0.00203
Exploits: 0 · References: 30
SUSE Linux
added 2024/10/16 9:33 a.m. · 4 views

Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024188 fixes several issues. The following security issues were fixed:
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
- CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651)...

CVSS 7.8 · AI score 7.8 · EPSS 0.01166
Exploits: 2 · References: 64
RedHat Linux
added 2024/10/16 1:8 a.m. · 9 views

kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()

A vulnerability was found in the Linux kernel's IPv6 handling in the xfrm6_get_saddr() function, where the issue occurs when ip6_dst_idev() returns NULL, leading to a null pointer dereference and resulting in a general protection fault...

CVSS 5.5 · AI score 6.6 · EPSS 0.00278
Exploits: 0 · References: 5