CVE-2026-46330

The CVE-2026-46330 entry concerns the Linux kernel TCP ULP support for SMC. The vulnerability arises when an active TCP socket is converted into an SMC socket by in-place modifications to core VFS structures (struct file, dentry, inode), violating VFS invariants that expect these structures to be...

net: skbuff: preserve shared-frag marker during coalescing

...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: TCP: Handle the mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing calls to sendpage and sendmsgMSGZEROCOPY using the same TCP socket would trigger the infamous warning in inetsockdestruct. c WARNONskforwardallocgetsk;...

Malicious code in nicegui (npm)

Malicious npm package published by threat actor "ryanmccollum1" typosquatting the popular Python NiceGUI framework. Part of the same supply chain attack campaign as redeem-onchain-sdk, which collects SSH keys, AWS credentials, .npmrc tokens, Docker auth, Chrome saved logins, .env files, and git...

CVE-2026-23302

A flaw was found in the Linux kernel. This vulnerability involves data races within the networking subsystem, specifically related to how network socket pointers are handled concurrently by multiple central processing units CPUs. Without proper synchronization, this concurrent access can lead to...

SUSE-SU-2026:0473-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50347: mmc: rtsxusbsdmmc: fix return value check of mmcaddhost bsc1249928. - CVE-2022-50580: blk-throttle: prevent overflow while calculating wait time bsc125254...

SUSE SLES15 Security Update : kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:0168-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0168-1 advisory. This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues The following security issues were fixed: ...

SUSE-SU-2026:0163-1 Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.150 fixes various security issues The following security issues were fixed: - CVE-2022-50233: bluetooth: device name can cause reading kernel memory by not supplying terminal \0 bsc1249242. - CVE-2022-50327: ACPI: processor: idle:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001376)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001376 advisory. In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to...

MiracleLinux 7 : kernel-3.10.0-957.10.1.el7 (AXSA:2019-3842:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3842:02 advisory. Security Fix - net/core/sock.c skclonelock Type Confusion CVE-2018-9568 - fs/proc/base.c procpidstack root CVE-2018-17972 - kernel/bpf/verifier.c...

EUVD-2025-36691

Incorrect access control on Dataphone A920 v2025.07.161103 exposes a service on port 8888 by default on the local network without authentication. This allows an attacker to interact with the device via a TCP socket without credentials. Additionally, sending an HTTP request to the service on port...

EUVD-2022-53116

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-25015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b...

CVE-2025-38475

CVE-2025-38475 : Linux kernel SMC sockets suffered from inet_sock type confusion causing oops/double-free behavior when freeing inet_opt due to smc_sock hijacking AF_INET/AF_INET6 fields. Root cause: smc_sock did not place inet_sock as the first member, allowing misinterpretation of function poin...

CVE-2022-31696

VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox...

Linux Distros Unpatched Vulnerability : CVE-2024-36484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time. Christoph reported the following splat: WARNIN...

Linux Distros Unpatched Vulnerability : CVE-2015-6937

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The rdsconncreate function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service NULL pointer dereference an...

CVE-2022-49085 drbd: Fix five use after free bugs in get_initial_state

In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in getinitialstate In getinitialstate, it calls notifyinitialstatedoneskb,.. if cb-args5==1. If genlmsgput failed in notifyinitialstatedone, the skb will be freed by nlmsgfreeskb. Then...

kernel: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket

A flaw was found in the Linux kernel's bpf programs. Under certain conditions, when the kernel attempts to initiate a network connection using the kernelconnect function, it can return a value that causes the cxtcpsetupsocket function to loop. This issue can lead to continuous data writing to the...

Ivanti Avalanche < v6.4.0.0 - Remote Code Execution Exploit

""" Exploit Title: Ivanti Avalanche IIIss'.formatself.namesize, self.valuesize, self.type, self.namesize, self.valuesize, self.name, self.value Create a header structure class HP: def initself, hdr, payload: self.hdr = hdr self.payload = payload self.pad = b'\x00' 16 - lenself.hdr + lenself.paylo...