Lucene search
K

791 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 11:3 p.m.10 views

CVE-2026-53267

A flaw was found in the Linux kernel's netfilter subsystem. A local attacker can exploit this vulnerability by creating specially crafted netfilter rules. This can lead to a memory corruption issue, where data on the kernel's memory stack is overwritten. Successful exploitation could result in...

7.8CVSS5.7AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53263

In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpaniphcmcastctxaddrcompress uses &data1 as destination and &ipaddr-s6addr11 as source, but both should be offset by one: &data2 and...

5.5CVSS0.00119EPSS
Exploits0References8
NVD
NVD
added 2026/06/25 9:16 a.m.13 views

CVE-2026-53267

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...

7.8CVSS0.00128EPSS
Exploits0References5
OSV
OSV
added 2026/06/25 9:16 a.m.20 views

UBUNTU-CVE-2026-53267

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...

7.8CVSS5.7AI score0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 8:39 a.m.1 views

CVE-2026-53263 6lowpan: fix off-by-one in multicast context address compression

In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpaniphcmcastctxaddrcompress uses &data1 as destination and &ipaddr-s6addr11 as source, but both should be offset by one: &data2 and...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.6 views

PT-2026-52358

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An off-by-one error exists in the lowpan iphc mcast ctx addr compress function. The second memcpy operation incorrectly uses &data1 as the destination and &ipaddr-s6 addr11 as the source...

5.5CVSS6.1AI score0.00119EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52362

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description An issue exists in the netfilter nft ct component where the system fails to properly handle template connection tracking ct during evaluation. When a rule sets a connection tracking zone...

7.8CVSS6.1AI score0.00128EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2026/06/24 3:36 p.m.5 views

CVE-2026-52940

A flaw was found in the Linux kernel's tun driver. An unprivileged user can exploit this vulnerability by setting the virtual network vnet header size to 24 bytes. This action causes the kernel to copy partially initialized stack memory to userspace when reading non-tunnel packets, leading to the...

7CVSS5.8AI score0.00112EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 8:16 a.m.9 views

CVE-2026-52940

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.5CVSS0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 8:16 a.m.3 views

UBUNTU-CVE-2026-52916

In the Linux kernel, the following vulnerability has been resolved: batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once all fragments are collected and the packet is reassembled,...

5.5CVSS5.6AI score0.00123EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/24 7:14 a.m.15 views

EUVD-2026-38710

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.8AI score0.00112EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 7:14 a.m.13 views

CVE-2026-52940

The CVE-2026-52940 issue affects the Linux kernel tun driver. tun_put_user() allocates an on‑stack virtio_net_hdr_v1_hash_tunnel without zeroing, while virtio_net_hdr_tnl_from_skb() only initializes the first 10 bytes for non‑tunnel SKBs. This allows an unprivileged user to set the vnet header to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/24 7:14 a.m.3 views

CVE-2026-52940 tun: zero the whole vnet header in tun_put_user()

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 7:14 a.m.21 views

CVE-2026-52916

CVE-2026-52916 affects the Linux kernel’s BATMAN-adv frag handling. A crafted BATADV_UNICAST_FRAG packet can defragment into another BATADV_UNICAST_FRAG, causing unbounded recursion in batadv_batman_skb_recv() and leading to kernel stack exhaustion. The published description specifies that refrag...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51709

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where the batadv frag skb buffer function is called by batadv batman skb recv upon receiving a BATADV UNICAST FRAG packet. After reassembling the...

6AI score0.00123EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.17 views

Linux Distros Unpatched Vulnerability : CVE-2026-52940

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb,...

5.5CVSS6AI score0.00112EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: frag: disallow unicast fragment in fragment batadvfragskbbuffer is called by batadvbatmanskbrecv when a BATADVUNICASTFRAG packet is received. Once a...

5.5CVSS6AI score0.00123EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52937

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to...

5.5CVSS6AI score0.00112EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2026/06/22 12:0 a.m.53 views

📄 OpenBSD mpls_do_error Stack Disclosure

OpenBSD suffers from an mplsdoerror remote kernel stack disclosure vulnerability via an MPLS label stack. ------------------------------------------------------------------------ OpenBSD mplsdoerror: Remote Kernel Stack Disclosure via MPLS Label Stack Over-read...

6.9CVSS5.9AI score0.00423EPSS
Exploits2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fixed corruption in user space r13. The commit cf13435b730a “powerpc/tm: Fixed corruption in user space r13” fixes a problem in treclaim, where a SLB miss can occur on threadstruct-ckpt regs, when SCRATCH0 is active a...

5.5CVSS6.2AI score0.00249EPSS
Exploits0References2
Rows per page
Query Builder