Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the net module using the unnecessary WARNONONCE macro when accessing the forwarding path array...

GHSA-XHMJ-RG95-44HV Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

Summary A Server-Side Request Forgery SSRF protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTPDENYLIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandb...

Flowise: SSRF Protection Bypass via Unprotected Built-in HTTP Modules in Custom Function Sandbox

Summary A Server-Side Request Forgery SSRF protection bypass vulnerability exists in the Custom Function feature. While the application implements SSRF protection via HTTPDENYLIST for axios and node-fetch libraries, the built-in Node.js http, https, and net modules are allowed in the NodeVM sandb...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000331)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000331 advisory. An infinite loop issue was found in the vhostnet kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handlerx. It could...

EUVD-2016-3377

Malware in sbrugna...

CLSA-2025-1756231459 grub2: Fix of CVE-2025-0624

CVE-2025-0624: net: Fix OOB write in grubnetsearchconfigfile...

CVE-2022-49856

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

PT-2025-20531

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns the Linux kernel's handling of read/write replies in the 9p/net module. Specifically, in p9 client write and p9 client read once, if a server incorrectly replies with ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the virtio-net module in virtnetrqalloc that could lead to an overflow and affect virtual machine...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a delay in the final release of struct net during netns disassembly in the net module. No details of the...

CVE-2024-50186

In the Linux kernel, the following vulnerability has been resolved: net: explicitly clear the sk pointer, when pf-create fails We have recently noticed the exact same KASAN splat as in commit 6cd4a78d962b "net: do not leave a dangling sk pointer, when socket creation fails". The problem is that...

net/http: Denial of service due to improper 100-continue handling in net/http

A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service...

CVE-2024-50186

CVE-2024-50186 : Linux kernel vulnerability in net: explicitly clear the sk pointer when pf->create fails. Root cause: some pf->create implementations do not NULL the freed sk object in error paths, leaving a dangling pointer and enabling Use-After-Free. Fix: explicitly NULL the sk pointer ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a global out-of-bounds read issue in the net module, wwanrtnlpolicy, due to an overly large maxtype assigne...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a loop overrun issue in the net module, pse-pd module, which could lead to out-of-bounds access due to loop...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates in the net module, where the netconsole driver's buffer space underrun warnings are mishandled, which may resu...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible dangling pointer use in the tapriodump function in the net module, which is fixed by adding an RC...

CVE-2024-50036

In the Linux kernel, the following vulnerability has been resolved: net: do not delay dstentriesadd in dstrelease dstentriesadd uses per-cpu data that might be freed at netns dismantle from ip6routenetexit calling dstentriesdestroy Before ip6routenetexit can be called, we release all the dsts...

CVE-2022-48955

CVE-2022-48955 affects the Linux kernel Thunderbolt net path. The issue is a memory leak in tbnet_open() where tb_ring_alloc_rx() failure could leave the ida allocated in tb_xdomain_alloc_out_hopid() unreleased. The documented fix adds tb_xdomain_release_out_hopid() to the error path to release t...

CVE-2024-49948

In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdiscpktleninit One path takes care of SKBGSODODGY, assuming skb-len is bigger than hdrlen. virtionethdrtoskb does not fully dissect TCP headers, it only make sure it is at least 20 bytes. It is...