Lucene search
K

201 matches found

CVE
CVE
added 2024/05/19 8:34 a.m.153 views

CVE-2024-35890

CVE-2024-35890 : In the Linux kernel, a GRO (generic receive offload) fraglist ownership transfer bug can lead to use-after-free/dos conditions when packets are GROed with fraglist. The issue arises because skb_gro_receive_list removes the socket reference but the skb_segment_list may reuse skbs ...

5.5CVSS6.5AI score0.00232EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/05/17 3:15 p.m.2 views

UBUNTU-CVE-2024-35857

In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmpbuildprobe First problem is a double call to indevgetrcu, because the second one could return NULL. if indevgetrcudev && indevgetrcudev-ifalist Second problem is a read from...

5.3CVSS6.2AI score0.00888EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.3 views

kernel: icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev()

In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP and will be forwarded to an external IP in the IPv6 Ex...

5.5CVSS6.8AI score0.00192EPSS
Exploits0References5
OSV
OSV
added 2024/04/22 1:4 p.m.4 views

CLSA-2024-1713791075 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix...

7.8CVSS6.9AI score0.0094EPSS
Exploits0References1
OSV
OSV
added 2024/04/22 1:0 p.m.5 views

CLSA-2024-1713790844 Fix of 12 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-23307 - md/raid5: fix atomicity violation in raid5cachecount CVE-url: https://ubuntu.com/security/CVE-2021-46932 - Input: appletouch - initialize work before device registration CVE-url: https://ubuntu.com/security/CVE-2021-46936 - net: fix...

7.8CVSS6.9AI score0.0094EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/04/19 2:18 a.m.3 views

SUSE CVE-2024-26852

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6routempathnotify syzbot found another use-after-free in ip6routempathnotify 1 Commit f7225172f25a "net/ipv6: prevent use after free in ip6routempathnotify" was not able to fix the root cause. We...

7.8CVSS6.3AI score0.00269EPSS
Exploits0References161
OSV
OSV
added 2024/04/17 11:15 a.m.0 views

DEBIAN-CVE-2024-26852

In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6routempathnotify syzbot found another use-after-free in ip6routempathnotify 1 Commit f7225172f25a "net/ipv6: prevent use after free in ip6routempathnotify" was not able to fix the root cause. We...

7.8CVSS5.8AI score0.00269EPSS
Exploits0References1
OSV
OSV
added 2024/04/03 5:15 p.m.1 views

UBUNTU-CVE-2024-26752

In the Linux kernel, the following vulnerability has been resolved: l2tp: pass correct message length to ip6appenddata l2tpip6sendmsg needs to avoid accounting for the transport header twice when splicing more data into an already partially-occupied skbuff. To manage this, we check whether the...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References23
RedhatCVE
RedhatCVE
added 2024/03/18 2:23 p.m.33 views

CVE-2024-26641

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

5.5CVSS6.5AI score0.00241EPSS
Exploits0References4
OSV
OSV
added 2024/03/18 11:15 a.m.5 views

DEBIAN-CVE-2024-26633

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...

5.5CVSS5.5AI score0.0033EPSS
Exploits0References1
OSV
OSV
added 2024/03/18 11:15 a.m.1 views

UBUNTU-CVE-2024-26633

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...

5.5CVSS6.1AI score0.0033EPSS
Exploits0References28
RedhatCVE
RedhatCVE
added 2024/03/16 7:7 p.m.27 views

CVE-2021-47109

In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUDNOARP entries to be forced GCed IFFPOINTOPOINT interfaces use NUDNOARP entries for IPv6. It's possible to fill up the neighbour table with enough entries that it will overflow for valid connections after that...

5.5CVSS6.8AI score0.00235EPSS
Exploits0References4
CVE
CVE
added 2024/03/02 9:52 p.m.93 views

CVE-2023-52527

CVE-2023-52527 involves the Linux kernel IPv4/IPv6 path: the handling of transhdrlen in __ip{,6}_append_data() could inflate the length when a packet is only partially filled (e.g., after MSG_MORE), risking duplicate transport header accounting. The issue can arise when splicing into an L2TP sock...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References8Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:38 a.m.7 views

SUSE CVE-2013-2232

The ip6skdstcheck function in net/ipv6/ip6output.c in the Linux kernel before 3.10 allows local users to cause a denial of service system crash by using an AFINET6 socket for a connection to an IPv4 interface...

4.9CVSS6.2AI score0.00556EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 5:37 a.m.5 views

SUSE CVE-2013-3230

The l2tpip6recvmsg function in net/l2tp/l2tpip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call...

4.9CVSS6AI score0.0037EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.2 views

PT-2022-36238 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.78 Description: The issue is related to a warning in the ip6 route net exit late function. The actual impact and attack plausibility have not yet been proven. It was introduced in version v2.6.26 and fixed...

7.1AI score
Exploits0References1
OSV
OSV
added 2022/02/25 8:15 p.m.7 views

CVE-2022-25061

TP-LINK TL-WR840NESV6.20180709 was discovered to contain a command injection vulnerability via the component oalsetIp6DefaultRoute...

9.8CVSS5.8AI score0.72495EPSS
Exploits1References3
OSV
OSV
added 2020/08/27 12:0 a.m.9 views

OSV-2020-1668 Memcpy-param-overlap in ot::Message::Write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25226 Crash type: Memcpy-param-overlap Crash state: ot::Message::Write ot::Message::CopyTo ot::Ip6::Ip6::InsertMplOption...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/07/01 12:0 a.m.14 views

OSV-2020-732 Stack-buffer-overflow in ot::MeshCoP::Leader::HandlePetition

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13537 Crash type: Stack-buffer-overflow READ 1 Crash state: ot::MeshCoP::Leader::HandlePetition ot::Coap::CoapBase::ProcessReceivedRequest ot::Ip6::Udp::HandleMessage...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/07/01 12:0 a.m.10 views

OSV-2020-728 Stack-buffer-overflow in ot::Ip6::OptionPadN::Init

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14854 Crash type: Stack-buffer-overflow WRITE 9 Crash state: ot::Ip6::OptionPadN::Init ot::Ip6::Ip6::RemoveMplOption ot::Ip6::Ip6::ProcessReceiveCallback...

7.2AI score
Exploits0References1
Rows per page
Query Builder