116 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53238
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute da...
netlabel: validate unlabeled address and mask attribute lengths
...
SUSE CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
UBUNTU-CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238 netlabel: validate unlabeled address and mask attribute lengths
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
EUVD-2026-39329
In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...
CVE-2026-53238
CVE-2026-53238 affects the Linux kernel netlabel/privacy path in netlbl_unlabel_addrinfo_get, where the address attribute length was used to infer IPv4/IPv6 data but the corresponding mask length was not independently validated. A crafted Generic Netlink request could supply a valid IPv4/IPv6 add...
PT-2026-52333
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netlabel component where the netlbl unlabel addrinfo get function fails to independently validate the length of the mask attribute. While the function uses the...
UBUNTU-CVE-2025-71304
In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...
CVE-2025-71304 smack: /smack/doi: accept previously used values
In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: netlabel: Fixed a NULL pointer exception caused by CALIPSO on IPv4 sockets. When calling netlblconnsetattr, addr-safamily is used to determine the function’s behavior. If sk is an IPv4 socket, but the connect function is called...
Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2019-25160)
The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-25160 advisory. - In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memo...
MiracleLinux 7 : kernel-3.10.0-1127.8.2.el7 (AXSA:2020-121:05)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-121:05 advisory. kernel: double free may be caused by the function allocatetracebuffer in the file kernel/trace/trace.c CVE-2017-18595 kernel: use-after-free in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001274)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001274 advisory. A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to ente...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002317)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002317 advisory. cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003182)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003182 advisory. A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to ente...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002271)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002271 advisory. cipsov4validate in include/net/cipsoipv4.h in the Linux kernel before 3.11.7, when CONFIGNETLABEL is disabled, allows attackers to cause a denial of service infinite...