Lucene search
K

107 matches found

CNNVD
CNNVD
added 2025/04/01 12:0 a.m.6 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the incorrect use of skbget before devqueuexmit...

5.5CVSS6.6AI score0.002EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2025/04/01 12:0 a.m.6 views

The vulnerability of the unix_gc() function in the net/unix/garbage.c module, which is part of the Linux kernel’s networking functions, allows a attacker to cause a service failure.

The vulnerability of the unixgc function in the net/unix/garbage.c module, which is part of the Linux kernel’s networking functions, is related to security configuration errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.3AI score0.00229EPSS
Exploits0References26Affected Software3
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

DEBIAN-CVE-2022-49330

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcpmtupprobesuccess vs wrong sndcwnd syzbot got a new report 1 finally pointing to a very old bug, added in initial support for MTU probing. tcpmtuprobe has checks about starting an MTU probe if tcpsndcwndtp = 11. But...

5.5CVSS5.2AI score0.00283EPSS
Exploits0References1
OSV
OSV
added 2025/01/15 1:15 p.m.2 views

UBUNTU-CVE-2024-57901

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangetprotocoldgram vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangetprotocoldgram to not touch skb at all, so that it can be used from many cpus on the same skb. A...

5.5CVSS6.2AI score0.00257EPSS
Exploits0References48
Vulnrichment
Vulnrichment
added 2025/01/15 1:10 p.m.1 views

CVE-2024-57841 net: fix memory leak in tcp_conn_request()

In the Linux kernel, the following vulnerability has been resolved: net: fix memory leak in tcpconnrequest If inetcskreqskqueuehashadd return false, tcpconnrequest will return without free the dst memory, which allocated in afops-routereq. Here is the kmemleak stack: unreferenced object...

7.6AI score0.00217EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/01/14 8:34 p.m.0 views

Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024125 fixes several issues. The following security issues were fixed: CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-trans bsc1233712. CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1232637...

7.8CVSS8.1AI score0.00352EPSS
Exploits1References26
OSV
OSV
added 2024/10/21 8:15 p.m.2 views

DEBIAN-CVE-2022-48969

In the Linux kernel, the following vulnerability has been resolved: xen-netfront: Fix NULL sring after live migration A NAPI is setup for each network sring to poll data to kernel The sring with source host is destroyed before live migration and new sring with target host is setup after live...

5.5CVSS5.5AI score0.0026EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/09/24 2:39 a.m.3 views

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

5.5CVSS6.8AI score0.00286EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.5 views

kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()

A vulnerability was found in the Linux kernel's networking subsystem in the actapi implementation within the tcfidrcheckalloc function, which lead to a possible infinite loop when multiple actions with the same index are added, causing the second request to block indefinitely while holding the...

5.5CVSS6.8AI score0.00286EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.15 views

kernel: net: do not leave a dangling sk pointer, when socket creation fails

A vulnerability was found in the Linux kernel's networking component in the sockrelease function, where a dangling pointer can occur when socket creation fails. This happens when a reference to the socket is not cleared, leading to a use-after-free condition...

7.8CVSS6.8AI score0.00255EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/24 12:40 a.m.8 views

kernel: net: fix out-of-bounds access in ops_init

An out-of-bounds memory access flaw was found in the Linux kernel’s networking subsystem in how a local user triggers a complex race condition. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.1CVSS7.3AI score0.00308EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/09/18 12:24 a.m.12 views

kernel: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket

A flaw was found in the Linux kernel's bpf programs. Under certain conditions, when the kernel attempts to initiate a network connection using the kernelconnect function, it can return a value that causes the cxtcpsetupsocket function to loop. This issue can lead to continuous data writing to the...

5.5CVSS6.8AI score0.00231EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2024/09/11 7:0 a.m.9 views

ipv6: prevent possible NULL deref in fib6_nh_init()

...

5.5CVSS7.3AI score0.00265EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/09/03 3:48 p.m.5 views

kernel: net: fix out-of-bounds access in ops_init

An out-of-bounds memory access flaw was found in the Linux kernel’s networking subsystem in how a local user triggers a complex race condition. This flaw allows a local user to crash or potentially escalate their privileges on the system...

7.1CVSS7.3AI score0.00308EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/08/23 2:53 a.m.5 views

SUSE CVE-2022-48910

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ensure we call ipv6mcdown at most once There are two reasons for addrconfnotify to be called with NETDEVDOWN: either the network device is actually going down, or IPv6 was disabled on the interface. If either of them...

5.3CVSS6.3AI score0.0021EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.6 views

kernel: tipc: fix a possible memleak in tipc_buf_append

In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...

5.5CVSS6.8AI score0.00249EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/05/28 12:0 a.m.8 views

The vulnerability of the macvlan_handle_frame() function in the drivers/net/macvlan.c file of the Linux kernel’s networking component allows a hacker to cause a service failure.

The vulnerability of the macvlanhandleframe function in the drivers/net/macvlan.c file of the Linux kernel’s networking component is related to a memory leak. Exploiting this vulnerability allows an attacker to cause a service failure...

7.8CVSS6.5AI score0.00914EPSS
Exploits0References9Affected Software2
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.3 views

kernel: net/mlx5e: xsk: Fix crash on regular rq reactivation

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

5.5CVSS6.8AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/21 12:33 a.m.3 views

kernel: net/packet: slab-out-of-bounds access in packet_recvmsg()

An out-of-bounds access issue was found in the Linux kernel networking subsystem in the way raw packet sockets AFPACKET used PACKETCOPYTHRESH and mmap operations. A local attacker with CAPNETRAW capability could use this flaw to trigger a buffer overflow resulting in a system crash or privilege...

7.8CVSS6.9AI score0.00126EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: drm/virtio: Check whether transferred 2D BO is shmem

A flaw was found in the Linux kernel networking subsystem. Under certain conditions, a pointer may be dereferenced without proper validation, resulting in a NULL pointer dereference. An unprivileged local user could trigger this flaw by exercising the affected networking functionality, causing a...

5.7AI score0.00201EPSS
Exploits0References5
Rows per page
Query Builder