Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: bridge: It is necessary to confirm multicast packets before passing them up the stack. The conntrack/nfconfirm logic does not handle cloned skb entries that reference the same nfconn entry. This occurs for...

netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm

...

EUVD-2025-31857

A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...

CVE-2025-39894

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check confirmed bit in brnflocalin after confirm When send a broadcast packet to a tap device, which was added to a bridge, brnflocalin is called to confirm the conntrack. If another conntrack with...

PT-2025-40068

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc2-dirty 44 Description The Linux kernel contains an issue within the netfilter module, specifically in the br netfilter component. A hash collision can occur when handling broadcast packets sent to a...

kernel: netfilter: bridge: confirm multicast packets before passing them up the stack

A security vulnerability was identified in the Linux kernel's netfilter subsystem, specifically affecting the handling of multicast and broadcast packets on network bridges. The issue arises from a race condition in the connection tracking conntrack module when processing cloned socket buffers sk...

kernel: netfilter: bridge: confirm multicast packets before passing them up the stack

A security vulnerability was identified in the Linux kernel's netfilter subsystem, specifically affecting the handling of multicast and broadcast packets on network bridges. The issue arises from a race condition in the connection tracking conntrack module when processing cloned socket buffers sk...

SUSE CVE-2024-27415

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nfconfirm logic cannot handle cloned skbs referencing the same nfconn entry, which will happen for multicast broadcast frames on bridges...

DEBIAN-CVE-2024-27415

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: confirm multicast packets before passing them up the stack conntrack nfconfirm logic cannot handle cloned skbs referencing the same nfconn entry, which will happen for multicast broadcast frames on bridges...

CVE-2023-51982

CrateDB 5.5.1 is contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and Local In the case of an address, identity authentication can be bypassed by setting the X-Real IP request header to a specific value and accessing the Admin UI...