4 matches found
PT-2026-34712
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the dhcpMtu parameter to /cgi-bin/cstecgi.cgi...
CVE-2023-53752
CVE-2023-53752 is a Linux kernel vulnerability where kmalloc_reserve() truncates a 32-bit size, causing kmalloc_size_roundup(size) to yield 2^32 and leading to ZERO_SIZE_PTR allocations in skb paths. The root cause is a 32-bit obj_size, which can crash net/buffer handling when netdev mtu is near ...
Linux Distros Unpatched Vulnerability : CVE-2023-53752
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: deal with integer overflows in kmalloc_reserve() Blamed commit changed: ptr = kmalloc(size)...
CVE-2025-39985
In CVE-2025-39985, the Linux kernel’s mcba_usb CAN driver could bypass MTU enforcement via PF_PACKET, allowing a malformed CAN XL frame to reach xmit() and trigger a buffer overflow. The root cause is that mcba_usb does not populate net_device_ops->ndo_change_mtu(), so a user can set an invali...