17 matches found
CVE-2025-71285
Summary of the CVE-2025-71285 cluster: The Linux kernel’s net/qrtr MHI auto_queue feature for IPCR DL channels is being removed. The race occurs when the MHI stack can call the DL path callback before the QRTR client driver is fully initialized, risking NULL pointer dereferences. The fix disables...
Astra Linux - уязвимость в firefox, thunderbird
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...
CVE-2026-31617
A flaw was found in the Linux kernel's USB Network Control Model NCM gadget driver. A malicious USB host could exploit an integer underflow vulnerability when processing Network Transfer Block NTB headers. This allows the host to manipulate internal data pointers, causing adjacent kernel memory t...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. CVE-2025-40149 In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize CVE-2025-68792 In the...
kernel: Linux kernel: Data corruption and system instability due to improper io_uring/net buffer handling
A flaw was found in the Linux kernel's iouring/net component. This vulnerability arises when ring provided buffers are partially committed during network operations, particularly when MSGWAITALL is enabled or with streaming sockets. A local attacker could exploit this by causing multiple socket...
EUVD-2023-51016
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-38730
In the Linux kernel, the following vulnerability has been resolved: iouring/net: commit partial buffers on retry Ring provided buffers are potentially only valid within the single execution context in which they were acquired. iouring deals with this and invalidates them on retry. But on the...
CVE-2025-38730
CVE-2025-38730 concerns the Linux kernel io_uring/net handling of ring-provided buffers. The issue arises when a buffer acquired from the ring may remain valid across retries, and on the networking side, with MSG_WAITALL or streaming sockets with insufficient processing, the buffer could be kept ...
PT-2025-36003
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where ring provided buffers in the networking context, specifically when MSG WAITALL is set or with streaming sockets, can be incorrectly retained acro...
SUSE CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...
FreeBSD : openvpn -- 2.6.0...2.6.6 --fragment option division by zero crash, and TLS data leak (2fe004f5-83fd-11ee-9f5d-31909fb2f495)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2fe004f5-83fd-11ee-9f5d-31909fb2f495 advisory. - Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6...
UBUNTU-CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...
CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...
kernel: Linux kernel: Local denial of service in skbuff due to improper network buffer handling
A flaw was found in the Linux kernel. A local user with low privileges could trigger a kernel bug by manipulating network packet buffer skbuff operations. Specifically, when a program uses a helper function to read data beyond the allocated buffer in certain Generic Segmentation Offload GSO...
Use-After-Free
openvpn is vulnerable to Use-After-Free. The vulnerability occurs when sending network buffers to a remote peer, resulting in memory leak buffers or a potential remote execution...
CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...
CVE-2023-46850
Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer...