Lucene search
K

51 matches found

Debian CVE
Debian CVE
added 2025/08/22 4:0 p.m.9 views

CVE-2025-38622

In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...

5.5CVSS5.3AI score0.0016EPSS
Exploits0
Cvelist
Cvelist
added 2025/08/22 4:0 p.m.11 views

CVE-2025-38622 net: drop UFO packets in udp_rcv_segment()

In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...

0.0016EPSS
Exploits0References9
OSV
OSV
added 2025/08/22 4:0 p.m.5 views

CVE-2025-38622 net: drop UFO packets in udp_rcv_segment()

In the Linux kernel, the following vulnerability has been resolved: net: drop UFO packets in udprcvsegment When sending a packet with virtionethdr to tun device, if the gsotype in virtionethdr is SKBGSOUDP and the gsosize is less than udphdr size, below crash may happen. ------------ cut here...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2025/08/15 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-30161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Qt 6.5.4, 6.5.5, and 6.6.2, QNetworkReply header data might be accessed via a dangling pointer in Qt for WebAssembly wasm. Earlier and later versions are...

6.5CVSS6.6AI score0.00452EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/06/11 1:1 a.m.3 views

kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().

In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...

5.5CVSS6.7AI score0.00285EPSS
Exploits0References5
OSV
OSV
added 2025/06/06 2:3 p.m.5 views

OESA-2025-1594 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: net: test for not too small csumstart in virtionethdrtoskb syzbot was able to trigger this warning 1, after injecting a malicious packet through afpacket, settin...

7.8CVSS6.5AI score0.00254EPSS
Exploits0References21
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.7 views

The vulnerability of Nomad application orchestrators, related to incorrect processing of network packet headers, allows attackers to escalate their privileges.

The vulnerability of Nomad application orchestrators is related to incorrect processing of network packet headers. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

5.3CVSS5.8AI score0.0054EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.11 views

The vulnerability of the netdevsim component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the netdevsim component in the Linux operating system’s kernel is related to improper handling of the network packet header in the nsimdevhealthbreakwrite function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00203EPSS
Exploits0References15Affected Software8
AlmaLinux
AlmaLinux
added 2025/04/10 12:0 a.m.15 views

Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: crypto/x509: crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints CVE-2024-45341 golang: net/http: net/http: sensitive headers incorrectly sent after...

6.1CVSS7.1AI score0.00647EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from ipvlan not ensuring that the network header is in the linear portion of the skb, which could lead to...

5.5CVSS6.5AI score0.0018EPSS
Exploits0References7
OSV
OSV
added 2025/01/30 8:15 p.m.5 views

CVE-2024-10604

Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...

5.3CVSS5.8AI score0.00223EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.5 views

kernel: geneve: make sure to pull inner header in geneve_rx()

In the Linux kernel, the following vulnerability has been resolved: geneve: make sure to pull inner header in geneverx syzbot triggered a bug in geneverx 1 Issue is similar to the one I fixed in commit 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" We have to save...

5.5CVSS6.8AI score0.0025EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/10/21 6:2 p.m.27 views

CVE-2024-49947 net: test for not too small csum_start in virtio_net_hdr_to_skb()

In the Linux kernel, the following vulnerability has been resolved: net: test for not too small csumstart in virtionethdrtoskb syzbot was able to trigger this warning 1, after injecting a malicious packet through afpacket, setting skb-csumstart and thus the transport header to an incorrect value...

6.7AI score0.00234EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2024/10/12 7:0 a.m.3 views

net: drop bad gso csum_start and offset in virtio_net_hdr

...

5.5CVSS6.7AI score0.00212EPSS
Exploits0
OSV
OSV
added 2024/08/18 7:15 p.m.11 views

PYSEC-2024-260

A vulnerability in corydolphin/flask-cors version 4.0.1 allows the Access-Control-Allow-Private-Network CORS header to be set to true by default. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches,...

7.5CVSS6.7AI score0.00677EPSS
Exploits1References2
OSV
OSV
added 2024/07/29 7:15 a.m.5 views

DEBIAN-CVE-2024-41090

In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tapgetuserxdp path, which could cause a corrupted skb to be sent downstack. Even before the skb is...

7.1CVSS6AI score0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/20 9:42 a.m.36 views

CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem : While most ip tunnel helpers like iptunnelgetdsfield uses skbprotocolskb, true, pskbinetmaypull is only using...

6.4AI score0.0025EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/05/20 9:42 a.m.18 views

CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve6xmitskb syzbot is able to trigger an uninit-value in genevexmit 1 Problem : While most ip tunnel helpers like iptunnelgetdsfield uses skbprotocolskb, true, pskbinetmaypull is only using...

6.8AI score0.0025EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2024/05/01 7:18 p.m.30 views

CVE-2024-27015

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: incorrect pppoe tuple pppoe traffic reaching ingress path does not match the flowtable entry because the pppoe header is expected to be at the network header offset. This bug causes a mismatch in the flow...

5.5CVSS7.1AI score0.00228EPSS
Exploits0References4
OSV
OSV
added 2024/04/17 11:15 a.m.13 views

AZL-40168 CVE-2024-26882 affecting package kernel for versions less than 6.6.29.1-3

In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: make sure to pull inner header in iptunnelrcv Apply the same fix than ones found in : 8d975c15c0cd "ip6tunnel: make sure to pull inner header in ip6tnlrcv" 1ca1ba465e55 "geneve: make sure to pull inner header in...

7.8CVSS6.2AI score0.00829EPSS
Exploits0References1
Rows per page
Query Builder