Lucene search
+L

19 matches found

redhat
redhat
added 2026/02/10 2:6 a.m.6 views

kernel: ipv6: use RCU in ip6_xmit()

A use-after-free flaw was found in ip6autoflowlabel in the Linux kernel's net/ipv6/ip6output.c code. In this flaw an attacker can cause a denial of service DoS attack...

5.8AI score0.00202EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2025/11/27 12:0 a.m.2 views

The vulnerability of the ip6_output() function in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the ip6output function in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

7CVSS5.8AI score0.00212EPSS
Exploits0References7Affected Software5
osv
osv
added 2025/11/12 11:15 a.m.6 views

UBUNTU-CVE-2025-40158

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...

5.7AI score0.00212EPSS
Exploits0References10
osv
osv
added 2025/11/12 10:23 a.m.3 views

CVE-2025-40158 ipv6: use RCU in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...

6.2AI score0.00212EPSS
Exploits0References5
cvelist
cvelist
added 2025/11/12 10:23 a.m.9 views

CVE-2025-40158 ipv6: use RCU in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6output Use RCU in ip6output in order to use dstdevrcu to prevent possible UAF. We can remove rcureadlock/rcureadunlock pairs from ip6finishoutput2...

0.00212EPSS
Exploits0References2
redhat
redhat
added 2025/03/26 2:23 a.m.6 views

kernel: ipv6: prevent NULL dereference in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References5
nessus
nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-36901

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal wit...

5.5CVSS6.8AI score0.00262EPSS
Exploits0References3
nessus
nessus
added 2025/02/10 12:0 a.m.8 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-36901)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36901 advisory. - In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in...

5.5CVSS5.9AI score0.00262EPSS
Exploits0References2
redhat
redhat
added 2024/11/12 9:11 a.m.8 views

kernel: ipv6: prevent NULL dereference in ip6_output()

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References5
susecve
susecve
added 2024/06/01 2:23 a.m.5 views

SUSE CVE-2024-36901

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References17
osv
osv
added 2024/05/30 4:15 p.m.2 views

DEBIAN-CVE-2024-36901

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS5.7AI score0.00262EPSS
Exploits0References1
osv
osv
added 2024/05/30 4:15 p.m.7 views

AZL-42495 CVE-2024-36901 affecting package kernel for versions less than 5.15.164.1-1

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.3AI score0.00262EPSS
Exploits0References1
osv
osv
added 2024/05/30 4:15 p.m.4 views

UBUNTU-CVE-2024-36901

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.2AI score0.00262EPSS
Exploits0References25
ubuntucve
ubuntucve
added 2024/05/30 4:15 p.m.19 views

CVE-2024-36901

In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent NULL dereference in ip6output According to syzbot, there is a chance that ip6dstidev returns NULL in ip6output. Most places in IPv6 stack deal with a NULL idev just fine, but not here. syzbot reported: general...

5.5CVSS6.4AI score0.00262EPSS
Exploits0References24
redhat
redhat
added 2017/08/01 2:13 p.m.7 views

kernel: Incorrect overwrite check in __ip6_append_data()

The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...

5.5CVSS7.2AI score0.00405EPSS
Exploits0References4
nessus
nessus
added 2014/02/13 12:0 a.m.48 views

Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3002)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3002 advisory. - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo sk...

7.9CVSS6.9AI score0.07313EPSS
Exploits16References16
oraclelinux
oraclelinux
added 2013/12/17 12:0 a.m.77 views

unbreakable enterprise kernel security update

kernel-uek 3.8.13-16.2.3.el6uek - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951078 CVE-2013-4470 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951080 CVE-2013-4470 - KVM: x86: fix guest-initiated crash with x2apic CVE-2013-637...

6.9CVSS0.2AI score0.01446EPSS
Exploits6
oraclelinux
oraclelinux
added 2013/12/13 12:0 a.m.48 views

unbreakable enterprise kernel security update

2.6.39-400.211.3 - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951818 CVE-2013-4470 - KVM: x86: Fix potential divide by 0 in lapic CVE-2013-6367 Andy Honig Orabu...

6.9CVSS0.8AI score0.01446EPSS
Exploits3
redhat
redhat
added 2013/09/03 8:26 p.m.7 views

Kernel: ipv6: using ipv4 vs ipv6 structure during routing lookup in sendmsg

The ip6skdstcheck function in net/ipv6/ip6output.c in the Linux kernel before 3.10 allows local users to cause a denial of service system crash by using an AFINET6 socket for a connection to an IPv4 interface...

4.9CVSS5.8AI score0.00556EPSS
Exploits1References4
Rows per page
Query Builder