Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/05/09 1:0 a.m.15 views

CVE-2026-43457

A flaw was found in the Linux kernel's Management Component Transport Protocol MCTP over I2C receive path. When the midev-allowrx flag is false, a newly allocated network buffer skb is not properly freed. This memory leak can lead to a gradual exhaustion of system memory, potentially allowing a...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.8 views

CVE-2026-43457

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...

5.5CVSS5.7AI score0.00114EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-43307

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.0025EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-0646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw use after free in the Linux kernel Management Component Transport Protocol MCTP subsystem was found in the way user triggers cancelworksync after the...

7.8CVSS7.1AI score0.00342EPSS
Exploits0References2
OSV
OSV
added 2025/04/01 4:15 p.m.2 views

UBUNTU-CVE-2025-21972

In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the fraglist used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak due to circular...

5.5CVSS6.5AI score0.00174EPSS
Exploits0References24
BDU FSTEC
BDU FSTEC
added 2024/08/07 12:0 a.m.7 views

The vulnerability of the mctproute_input() function in the implementation of the Management Component Transport Protocol (MCTP) kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the mctprouteinput function in the net/mctp/route.c module, which is part of the Management Component Transport Protocol MCTP implementation in the Linux operating system, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an...

5.2CVSS7.1AI score0.00216EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.5 views

SUSE CVE-2022-3977

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...

7.8CVSS6.3AI score0.0025EPSS
Exploits0References3
Prion
Prion
added 2023/01/12 7:15 p.m.24 views

Design/Logic Flaw

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...

4.3CVSS7.2AI score0.0025EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder