Lucene search
K

728 matches found

NVD
NVD
added 2026/07/01 11:16 a.m.11 views

CVE-2026-14258

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...

6.5CVSS0.00248EPSS
Exploits0References4
OSV
OSV
added 2026/07/01 11:16 a.m.4 views

DEBIAN-CVE-2026-14258

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...

6.5CVSS5.7AI score0.00248EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/07/01 9:24 a.m.4 views

CVE-2026-14258

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...

6.5CVSS5.7AI score0.00248EPSS
Exploits0
CVE
CVE
added 2026/07/01 9:24 a.m.21 views

CVE-2026-14258

CVE-2026-14258 affects dhcpcd’s IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement with a zero-length ND option bypasses validation during packet storage and is reparsed with inadequate validation, causing the parser to enter a non-advancing loo...

6.5CVSS5.7AI score0.00248EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/07/01 9:24 a.m.8 views

CVE-2026-14258

A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router Advertisement processing. A specially crafted IPv6 Router Advertisement containing a zero-length Neighbor Discovery option can bypass validation during packet storage and later be reparsed without adequate validation, causing the parser ...

6.5CVSS5.7AI score0.00248EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 11:16 p.m.9 views

CVE-2026-7656

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1CVSS0.00205EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/29 10:9 p.m.12 views

CVE-2026-7656

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1CVSS6AI score0.00205EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/29 10:9 p.m.25 views

CVE-2026-7656 Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1CVSS0.00205EPSS
Exploits1References2
OSV
OSV
added 2026/06/29 10:9 p.m.2 views

CVE-2026-7656 Broken IPv6 Neighbor Discovery input validation allows spoofed RA/NS/NA acceptance in Zephyr net stack

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1CVSS6.2AI score0.00205EPSS
Exploits1References5
CVE
CVE
added 2026/06/29 10:9 p.m.16 views

CVE-2026-7656

The CVE affects Zephyr’s IPv6 Neighbor Discovery in subsys/net/ip/ipv6_nbr.c (handle_ra_input/handle_ns_input/handle_na_input). A faulty boolean combining ND validity checks with ICMPv6 code allowed any ND message with code 0 to bypass Hop Limit==255 and multicast/RS/RA validation, enabling forge...

8.1CVSS6AI score0.00205EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53753

Name of the Vulnerable Software and Affected Versions Zephyr versions prior to 4.4.0 Description An input validation weakness exists in the IPv6 Neighbor Discovery handlers within subsys/net/ip/ipv6 nbr.c. The functions handle ra input, handle ns input, and handle na input use an incorrect boolea...

8.1CVSS5.9AI score0.00205EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/06/26 12:14 p.m.7 views

CVE-2026-52981

A flaw was found in the Linux kernel. The neighxmit function, when called with an uninitialized neighbor table such as NEIGHNDTABLE when IPv6 is disabled, can return an error without properly releasing the allocated skb socket buffer. This can lead to a memory leak, potentially impacting system...

7.5CVSS5.7AI score0.00539EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 8:4 a.m.8 views

CVE-2026-53182

A flaw was found in the Linux kernel's nl80211 Wi-Fi subsystem. The nl80211parsernrelems function, responsible for parsing EMA RNR Enhanced Multiple Access Reduced Neighbor Report lists, does not properly handle an excessive number of nested NL80211ATTREMARNRELEMS inputs. This improper input...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/06/25 12:0 a.m.3 views

The vulnerability of the `fix_ndisc_ra_useropt()` function in the `net/ipv6/ndisc.c` module of the Linux operating system allows a attacker to disclose confidential information.

The vulnerability of the fixndiscrauseropt function in the net/ipv6/ndisc.c module of the Linux kernel is related to incorrect initialization of resources. Exploiting this vulnerability can allow an attacker to disclose sensitive information...

7.1CVSS5.7AI score0.00117EPSS
Exploits0References14Affected Software3
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit...

7.5CVSS6.1AI score0.00539EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38849

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

5.8AI score0.00539EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-52981

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

7.5CVSS0.00539EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52981

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

5.8AI score0.00539EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/06/24 4:28 p.m.9 views

CVE-2026-52981

CVE-2026-52981 concerns a Linux kernel issue in neigh_xmit: when called with an uninitialized neighbor table (e.g., NEIGH_ND_TABLE with IPv6 disabled), neigh_xmit can return -EAFNOSUPPORT without releasing the skb, risking a memory leak. The fix removes the remaining code path that could neither ...

7.5CVSS5.8AI score0.00539EPSS
Exploits0References6
OSV
OSV
added 2026/06/24 4:28 p.m.2 views

CVE-2026-52981 neigh: let neigh_xmit take skb ownership

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

7.5CVSS5.8AI score0.00539EPSS
Exploits0References9
Rows per page
Query Builder