Lucene search
K

39 matches found

Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53363

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propaga...

7.8CVSS7.1AI score0.03663EPSS
Exploits11References2
RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-53363

A flaw was found in the Linux kernel's iptfs component, part of the IPSec framework. The iptfsconsumefrags function does not correctly propagate a flag indicating shared fragments. This can cause the Encapsulating Security Payload ESP to make incorrect security decisions regarding in-place...

6.1AI score0.00111EPSS
Exploits0References4
NVD
NVD
added 6 days ago18 views

CVE-2026-53363

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...

0.00111EPSS
Exploits0References3
OSV
OSV
added 6 days ago4 views

UBUNTU-CVE-2026-53363

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...

6AI score0.00111EPSS
Exploits0References3
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-53363

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...

6AI score0.00111EPSS
Exploits0
EUVD
EUVD
added 6 days ago11 views

EUVD-2026-42870

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...

6AI score0.00111EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

CVE-2026-53363 xfrm: iptfs: preserve shared-frag marker in iptfs_consume_frags()

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfsconsumefrags iptfsconsumefrags transfers paged fragments from one socket buffer to another but fails to propagate the SKBFLSHAREDFRAG flag. This is the same class of bug that was...

6AI score0.00111EPSS
Exploits0References6
CVE
CVE
added 6 days ago30 views

CVE-2026-53363

CVE-2026-53363 affects the Linux kernel’s xfrm/iptfs path. The vulnerability arises because iptfs_consume_frags() fails to propagate the SKBFL_SHARED_FRAG flag when transferring paged fragments, mirroring the issue fixed in skb_try_coalesce() for CVE-2026-46300. The documented remediation is to a...

6AI score0.00111EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53197

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leadin...

5.5CVSS6.1AI score0.00097EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-53240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial...

8.8CVSS6.2AI score0.00418EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/26 9:30 a.m.6 views

CVE-2026-53197

A flaw was found in the iptfs module of the Linux kernel. This issue, an ABBA deadlock, occurs when iptfsdestroystate attempts to cancel a timer while holding a spinlock that the timer's callback also tries to acquire. This circular dependency can cause the system to become unresponsive, leading ...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 12:18 a.m.7 views

CVE-2026-53240

A flaw was found in the Linux kernel's xfrm: iptfs component. A race condition during partial packet reassembly in the inputprocesspayload function can lead to a use-after-free vulnerability. This occurs when a concurrent process frees a packet buffer skb before it is checked, allowing subsequent...

8.8CVSS6AI score0.00418EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53240

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...

8.8CVSS0.00418EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53197

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.5CVSS0.00097EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53240

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...

8.8CVSS5.8AI score0.00418EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53197

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.7CVSS5.8AI score0.00097EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53240

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...

8.8CVSS5.7AI score0.00418EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 8:39 a.m.12 views

EUVD-2026-39191

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...

5.8AI score0.00418EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.30 views

CVE-2026-53240 xfrm: iptfs: fix use-after-free on first_skb in __input_process_payload

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on firstskb in inputprocesspayload inputprocesspayload stores firstskb into xtfs-ranewskb under droplock when starting partial reassembly, then unlocks and breaks out of the processing loop. The...

8.8CVSS0.00418EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53240

CVE-2026-53240 concerns a use-after-free in the Linux kernel xfrm: iptfs partial reassembly logic (__input_process_payload). The bug occurs when first_skb is saved to xtfs->ra_newskb under drop_lock and a concurrent path may complete reassembly, NULL the ra_newskb, and free the skb before the ...

8.8CVSS5.8AI score0.00418EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder