Lucene search
+L

116 matches found

nessus
nessus
added 2026/06/28 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-53238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute da...

5.5CVSS6AI score0.00128EPSS
Exploits0References3
mscve
mscve
added 2026/06/27 8:6 a.m.6 views

netlabel: validate unlabeled address and mask attribute lengths

...

5.5CVSS5.8AI score0.00128EPSS
Exploits0
susecve
susecve
added 2026/06/26 2:9 a.m.6 views

SUSE CVE-2026-53238

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.8AI score0.00128EPSS
Exploits0References3
nvd
nvd
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53238

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.5CVSS0.00128EPSS
Exploits0References8
osv
osv
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53238

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References11
debiancve
debiancve
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53238

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.5CVSS5.6AI score0.00128EPSS
Exploits0
attackerkb
attackerkb
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53238

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
osv
osv
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53238 netlabel: validate unlabeled address and mask attribute lengths

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References11
euvd
euvd
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39329

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

5.7AI score0.00128EPSS
Exploits0References8
cve
cve
added 2026/06/25 8:39 a.m.16 views

CVE-2026-53238

CVE-2026-53238 affects the Linux kernel netlabel/privacy path in netlbl_unlabel_addrinfo_get, where the address attribute length was used to infer IPv4/IPv6 data but the corresponding mask length was not independently validated. A crafted Generic Netlink request could supply a valid IPv4/IPv6 add...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References8Affected Software1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.8 views

PT-2026-52333

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netlabel component where the netlbl unlabel addrinfo get function fails to independently validate the length of the mask attribute. While the function uses the...

5.5CVSS6.1AI score0.00128EPSS
Exploits0References21
osv
osv
added 2026/05/27 2:16 p.m.7 views

UBUNTU-CVE-2025-71304

In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...

5.5CVSS5.6AI score0.0016EPSS
Exploits0References11
osv
osv
added 2026/05/27 12:14 p.m.2 views

CVE-2025-71304 smack: /smack/doi: accept previously used values

In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...

5.5CVSS5.9AI score0.0016EPSS
Exploits0References11
astralinux
astralinux
added 2026/01/27 5:1 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...

5.5CVSS6.4AI score0.00245EPSS
Exploits0References3
nessus
nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2019-25160)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-25160 advisory. - In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memo...

7.1CVSS5.3AI score0.00252EPSS
Exploits0References2
nessus
nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : kernel-3.10.0-1127.8.2.el7 (AXSA:2020-121:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-121:05 advisory. kernel: double free may be caused by the function allocatetracebuffer in the file kernel/trace/trace.c CVE-2017-18595 kernel: use-after-free in...

7.8CVSS6.9AI score0.0415EPSS
Exploits0References4
nessus
nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001274)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001274 advisory. A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to ente...

7.1CVSS6.6AI score0.04997EPSS
Exploits0References12
nessus
nessus
added 2026/01/15 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002317)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002317 advisory. cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite...

7.1CVSS7.1AI score0.02544EPSS
Exploits0References8
nessus
nessus
added 2026/01/15 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003182 advisory. A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to ente...

7.1CVSS6.6AI score0.04997EPSS
Exploits0References12
nessus
nessus
added 2026/01/15 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002271)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002271 advisory. cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite...

7.1CVSS7.1AI score0.02544EPSS
Exploits0References8
Rows per page
Query Builder