Lucene search
K

27 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Correctly check the presence of LSNLATYPEDGID. The netlink response for RDMANLLSOPIPRESOLVE should always contain an LSNLATYPEDGID attribute; it is invalid if it is missing. Properly use the nl parsing logic and cal...

5.5CVSS6AI score0.00114EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

A issue was discovered in the Linux kernel before version 6.0.11. A missing offset validation in the driver/net/wireless/microchip/wilc1000/hif.c file within the WILC1000 wireless driver can lead to an out-of-bounds read during the parsing of a Robust Security Network RSN information element from...

7.1CVSS6.7AI score0.00307EPSS
Exploits0References2
CVE
CVE
added 2026/04/13 1:40 p.m.24 views

CVE-2026-31420

CVE-2026-31420 affects Linux kernel bridge MRP interval handling. Vulerability arises when br_mrp_start_test/br_mrp_start_in_test accept a user-supplied interval from netlink with no validation; if interval is 0, the delay becomes zero and a tight loop can exhaust memory, causing an OOM kernel pa...

5.5CVSS5.7AI score0.00091EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/15 1:24 a.m.8 views

CVE-2025-71096

An uninitialized memory read flaw was found in the Linux kernel's RDMA netlink subsystem. When processing IP resolution responses RDMANLLSOPIPRESOLVE, the code did not properly validate that the required LSNLATYPEDGID attribute was present. A malformed userspace netlink message missing this...

5.5CVSS5.4AI score0.00114EPSS
Exploits0References4
OSV
OSV
added 2026/01/13 3:34 p.m.3 views

CVE-2025-71096 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References10
CVE
CVE
added 2026/01/13 3:34 p.m.24 views

CVE-2025-71096

Summary (CVE-2025-71096) : The Linux kernel RDMA core netlink path handling RDMA_NL_LS_OP_IP_RESOLVE could return a DGID-less response, risking an uninitialized read on the stack. The fix ensures the LS_NLA_TYPE_DGID attribute is present, uses nla_parse_deprecated() to populate nlattrs, and then ...

5.5CVSS6AI score0.00114EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992698)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992698 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix geneveopt length integer overflow struct geneveopt uses 5 bit length for each single...

5.5CVSS6.3AI score0.00176EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/29 12:0 a.m.3 views

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2023-3773)

A flaw was found in the Linux kernel's IP framework for transforming packets XFRM subsystem. This issue may allow a malicious user with CAPNETADMIN privileges to cause a 4 byte out-of-bounds read of XFRMAMTIMERTHRESH when parsing netlink attributes, leading to potential leakage of sensitive heap...

5.5CVSS6.3AI score0.00237EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414340 advisory. An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver...

7.1CVSS6.6AI score0.00307EPSS
Exploits0References3
CVE
CVE
added 2025/10/04 3:16 p.m.20 views

CVE-2023-53543

Technical details for CVE-2023-53543 are not publicly provided in the supplied documents; monitor SUSE/kernel advisories for updates.

7.8CVSS5.3AI score0.00154EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-37998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested...

5.5CVSS6.7AI score0.00164EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-53000

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla...

7.8CVSS6.7AI score0.00199EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.4 views

kernel: net: wwan: fix global oob in wwan_rtnl_policy

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

7.1CVSS6.7AI score0.00227EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/11/06 3:48 a.m.9 views

SUSE CVE-2024-50128

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

6.8CVSS7.4AI score0.00227EPSS
Exploits0References21
OSV
OSV
added 2024/11/05 6:15 p.m.12 views

AZL-52508 CVE-2024-50128 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

7.1CVSS6.7AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2024/11/05 6:15 p.m.3 views

UBUNTU-CVE-2024-50128

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

7.1CVSS6.5AI score0.00227EPSS
Exploits0References34
CNNVD
CNNVD
added 2024/11/05 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a global out-of-bounds read issue in the net module, wwanrtnlpolicy, due to an overly large maxtype assigne...

7.1CVSS6.7AI score0.00227EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2024/04/22 12:0 a.m.64 views

kernel security update

2.6.32-754.53.1.OL6 - net/sched: schqfq: refactor parsing of netlink parameters Orabug: 36517546 - net/sched: schqfq: account for stab overhead in qfqenqueue CVE-2023-3611 Orabug: 36517546 - net/sched: clsfw: Fix improper refcount update leads to use-after-free CVE-2023-3776 Orabug: 36517546 - ne...

7.8CVSS8AI score0.00582EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2024/02/27 3:54 a.m.5 views

SUSE CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnetpolicy The variable rmnetlinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

3.3CVSS6AI score0.00257EPSS
Exploits0References6
OSV
OSV
added 2024/02/23 3:15 p.m.0 views

DEBIAN-CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnetpolicy The variable rmnetlinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below:...

7.1CVSS5.7AI score0.00257EPSS
Exploits0References1
Rows per page
Query Builder