Lucene search
K

14 matches found

RedHat Linux
RedHat Linux
added 2026/06/11 11:46 a.m.7 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.4AI score0.00514EPSS
Exploits0References5
NVD
NVD
added 2026/05/06 12:16 p.m.4 views

CVE-2026-43233

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodechoice In decodechoice, the boundary check before getlen uses the variable len, which is still 0 from its initialization at the top of the function: unsigned int type, ext, len = ...

8.2CVSS0.00463EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len...

8.2CVSS6AI score0.00443EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-23455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nfconntrackh323: check for zero length in DecodeQ931 In DecodeQ931, the UserUserIE code path reads a 16-bit length from the packet, then decrements i...

9.1CVSS6AI score0.00514EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/03 3:15 p.m.20 views

CVE-2026-23456 netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...

8.2CVSS0.00443EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/04/19 2:18 a.m.1 views

SUSE CVE-2024-26851

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2024/04/17 7:53 p.m.29 views

CVE-2024-26851

A vulnerability was found in the netfilter subsystem of the Linux kernel, specifically in the nfconntrackh323 module. This issue involves inadequate protection for BMP length values, potentially leading to out-of-range conditions. Mitigation Mitigation for this issue is either not available or th...

5.5CVSS7AI score0.0024EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/17 10:17 a.m.20 views

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

6.7AI score0.0024EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2024/04/17 10:17 a.m.24 views

CVE-2024-26851

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

5.5CVSS7.5AI score0.0024EPSS
Exploits0
Cvelist
Cvelist
added 2024/04/17 10:17 a.m.19 views

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

7.8AI score0.0024EPSS
Exploits0References8
CVE
CVE
added 2024/04/17 10:17 a.m.162 views

CVE-2024-26851

CVE-2024-26851 concerns the Linux kernel netfilter nf_conntrack_h323 path. The issue arises when decoding H.323 ras messages: an abnormal skb->data can cause the extension bitmap length to exceed 32, leading to a length-based shift that may become negative and trigger UBSAN reports. The workar...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.67 views

openSUSE 10 Security Update : kernel (kernel-4487)

This kernel update fixes the following security problems : - CVE-2007-3105: Stack-based buffer overflow in the random number generator RNG implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wake-up...

7.2CVSS5.8AI score0.0082EPSS
Exploits4References5
securityvulns
securityvulns
added 2007/08/17 12:0 a.m.61 views

Multiple Linux kernel vulnerabilities

nfconntrackh323 NULL pointer dereference, invalid suid applications parent process termination signal handling, privilege escalation on Intel 965 chipset...

7.8CVSS2AI score0.03872EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2007/08/15 12:0 a.m.39 views

DSA-1356-1 linux-2.6 - several vulnerabilities

Bulletin has no description...

7.8CVSS6AI score0.05035EPSS
Exploits0
Rows per page
Query Builder