Lucene search
K

23 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in libslirp

In ncsi.c within libslirp up to 4.3.1, there is an issue of buffer over-reading. This occurs because the program attempts to read a certain amount of header data, even when that amount exceeds the total packet length...

4.3CVSS6.7AI score0.01443EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 3:16 p.m.6 views

CVE-2026-43373

In the Linux kernel, the following vulnerability has been resolved: net: ncsi: fix skb leak in error paths Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak. Specifically, ncsiaenhandler returns on invalid AEN packets without consuming the...

7.5CVSS0.00501EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43373

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ncsi: fix skb leak in error paths Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak. Specifically...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References2
OSV
OSV
added 2025/02/26 10:38 a.m.24 views

USN-7303-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACPI drivers; - Drivers cor...

9.1CVSS6.8AI score0.01367EPSS
Exploits0References209
SUSE CVE
SUSE CVE
added 2024/10/26 3:1 a.m.10 views

SUSE CVE-2024-49945

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

5.5CVSS7.2AI score0.00228EPSS
Exploits0References22
RedhatCVE
RedhatCVE
added 2024/10/22 2:45 p.m.14 views

CVE-2024-49945

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

5.5CVSS7AI score0.00228EPSS
Exploits0References4
OSV
OSV
added 2024/10/21 6:15 p.m.13 views

AZL-52108 CVE-2024-49945 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

5.5CVSS6.7AI score0.00228EPSS
Exploits0References1
OSV
OSV
added 2024/10/21 6:15 p.m.2 views

DEBIAN-CVE-2024-49945

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

5.5CVSS5.7AI score0.00228EPSS
Exploits0References1
NVD
NVD
added 2024/10/21 6:15 p.m.22 views

CVE-2024-49945

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

5.5CVSS0.00228EPSS
Exploits0References3
CVE
CVE
added 2024/10/21 6:2 p.m.130 views

CVE-2024-49945

CVE-2024-49945 affects the Linux kernel where the ncsi work is not properly synchronized with the freeing of the ncsi device. The issue arises when the ncsi work function can run after the associated structure is freed, leading to use-after-free bugs or kernel panics. The documented impact is a p...

5.5CVSS5.3AI score0.00228EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/21 6:2 p.m.20 views

CVE-2024-49945 net/ncsi: Disable the ncsi work before freeing the associated structure

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

7.1AI score0.00228EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/21 6:2 p.m.43 views

CVE-2024-49945 net/ncsi: Disable the ncsi work before freeing the associated structure

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

0.00228EPSS
Exploits0References3
OSV
OSV
added 2024/10/21 6:2 p.m.17 views

CVE-2024-49945 net/ncsi: Disable the ncsi work before freeing the associated structure

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resulting in use-after-free bugs or kernel panic...

5.5CVSS6.1AI score0.00228EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/09/25 12:0 a.m.13 views

PT-2024-33787

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the net/ncsi component. The issue arises when the work function is not disabled before freeing the associated...

5.5CVSS5.5AI score0.00228EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/02/21 12:0 a.m.5 views

The vulnerability in the `src/ncsi.c` component of the TCP-IP Libslirp emulator allows a attacker to access confidential data.

The vulnerability of the src/ncsi.c component of the TCP-IP Libslirp emulator is related to reading data beyond the allowable buffer size. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data...

4.3CVSS6.9AI score0.01443EPSS
Exploits0References9Affected Software4
OSV
OSV
added 2023/03/22 8:44 a.m.7 views

SUSE-SU-2023:0870-1 Security update for slirp4netns

This update for slirp4netns fixes the following issues: - CVE-2020-29129: Fixed out-of-bounds access while processing NCSI packets bsc1179466. - CVE-2020-29130: Fixed out-of-bounds access while processing ARP packets bsc1179467...

4.3CVSS6AI score0.0183EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:51 a.m.3 views

SUSE CVE-2020-29129

ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length...

2.7CVSS7.1AI score0.01443EPSS
Exploits0References30
RedHat Linux
RedHat Linux
added 2021/05/18 2:6 p.m.3 views

QEMU: slirp: out-of-bounds access while processing ARP/NCSI packets

An out-of-bounds access issue was found in the SLiRP user networking implementation of QEMU. It could occur while processing ARP/NCSI packets, if the packet length was shorter than required to accommodate respective protocol headers and payload. A privileged guest user may use this flaw to...

4.3CVSS6.7AI score0.01443EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2021:1244-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.05447EPSS
Exploits5References31
Tenable Nessus
Tenable Nessus
added 2020/12/14 12:0 a.m.36 views

Fedora 32 : libslirp (2020-331e1318dd)

Fix CVE-2020-29129 CVE-2020-29130 out-of-bounds access while processing ARP/NCSI packets Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

4.3CVSS6.5AI score0.0183EPSS
Exploits1References3
Rows per page
Query Builder