Lucene search
K

37 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: libceph: The calctarget function should set t-paused, rather than simply clearing it. Currently, calctarget clears t-paused if the request should no longer be paused. However, it never sets t-paused, even though it can determine...

5.7AI score0.00161EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/12 9:30 p.m.7 views

EUVD-2026-21742

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

4CVSS5.9AI score0.00347EPSS
Exploits0References3
NVD
NVD
added 2026/04/12 8:16 p.m.10 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

7.5CVSS0.00347EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/12 8:16 p.m.2 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

7.5CVSS5.8AI score0.00347EPSS
Exploits0References4
OSV
OSV
added 2026/04/12 8:16 p.m.7 views

UBUNTU-CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

7.5CVSS5.9AI score0.00347EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/12 7:23 p.m.4 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

4CVSS5.9AI score0.00347EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/12 7:23 p.m.23 views

CVE-2026-40396

Varnish Cache 9 prior to 9.0.1 is affected by a workspace overflow DoS (daemon panic) that can be triggered by a malicious HTTP/1 request sequence: after timeout_linger releases a worker thread, resuming traffic with multiple requests before the session closes (timeout_idle) can cause a pipelinin...

7.5CVSS5.9AI score0.00347EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/12 7:23 p.m.1 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

4CVSS5.9AI score0.00347EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/12 7:23 p.m.6 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

7.5CVSS5.5AI score0.00347EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/12 7:23 p.m.24 views

CVE-2026-40396

Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service daemon panic after timeoutlinger. A malicious client could send an HTTP/1 request, wait long enough until the session releases its worker thread timeoutlinger and resume traffic before the session is closed timeoutidle...

4CVSS0.00347EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.3 views

PT-2026-32185

Name of the Vulnerable Software and Affected Versions Varnish Cache versions prior to 9.0.1 Description Varnish Cache 9 before 9.0.1 is susceptible to a denial of service due to a workspace overflow, potentially leading to a daemon panic. A malicious client can exploit this by sending an HTTP/1...

4CVSS5.8AI score0.00347EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.7 views

Varnish Cache 安全漏洞

Varnish Cache is a set of reverse website caching servers developed by the Varnish company. Versions of Varnish Cache prior to 9.0.1 contained security vulnerabilities. These vulnerabilities stemmed from a situation where, after a timeoutlinger period, malicious clients might send HTTP/1 requests...

7.5CVSS5.8AI score0.00347EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/02/05 12:25 a.m.4 views

SUSE CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.5CVSS5.2AI score0.00161EPSS
Exploits0References15
NVD
NVD
added 2026/02/04 4:16 p.m.11 views

CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

0.00161EPSS
Exploits0References7
OSV
OSV
added 2026/02/04 4:16 p.m.5 views

UBUNTU-CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.7AI score0.00161EPSS
Exploits0References28
UbuntuCve
UbuntuCve
added 2026/02/04 4:16 p.m.6 views

CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.9AI score0.00161EPSS
Exploits0References25
Cvelist
Cvelist
added 2026/02/04 4:0 p.m.25 views

CVE-2026-23047 libceph: make calc_target() set t->paused, not just clear it

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

0.00161EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:0 p.m.2 views

CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.2AI score0.00161EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/02/04 4:0 p.m.6 views

CVE-2026-23047 libceph: make calc_target() set t->paused, not just clear it

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.2AI score0.00161EPSS
Exploits0References10
CVE
CVE
added 2026/02/04 4:0 p.m.20 views

CVE-2026-23047

The CVE-2026-23047 issue affects the Linux kernel’s Ceph client library (libceph). The root cause is that calc_target() clears t->paused when a request should no longer be paused, but never sets it for linger requests; the intended behavior was in __submit_request(), which does not operate on ...

5.2AI score0.00161EPSS
Exploits0References7
Rows per page
Query Builder