Lucene search
+L

56 matches found

astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftsetpipapo: clamp the maximum map bucket size to INTMAX Otherwise, a WARNONONCE error may occur in kvmallocnodenoprof when resizing the hashtable, because GFPNOWARN is not set. Similar issues include: b541ba7d1f5a...

7.8CVSS6.1AI score0.00189EPSS
Exploits0References4
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reported a crash when processing large batches of elements with a back-to-back add/remove pattern. Quoting Pablo: addelem"00000000" timeout 100 ms ... addelem"0000000X"...

5.9CVSS6.3AI score0.01287EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/05/09 12:56 a.m.12 views

CVE-2026-43453

A flaw was found in the Linux kernel's netfilter component, specifically within the nftsetpipapo module. The pipapodrop function performs a stack out-of-bounds read. This occurs when an argument is evaluated at the call site before the function body executes, leading to a read beyond the allocate...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References3
osv
osv
added 2026/05/08 3:16 p.m.8 views

UBUNTU-CVE-2026-43453

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: fix stack out-of-bounds read in pipapodrop pipapodrop passes rulemapi + 1.n to pipapounmap as the tooffset argument on every iteration, including the last one where i == m-fieldcount - 1. This reads one...

7.1CVSS5.6AI score0.00126EPSS
Exploits0References11
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.13 views

PT-2026-39114

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.10 through 6.19 Description A stack out-of-bounds read exists in the nftables pipapo set backend within the pipapo drop function. The issue occurs because the function passes rulemapi + 1.n to pipapo unmap as the to...

9.1CVSS5.8AI score0.00514EPSS
Exploits0References96
nvd
nvd
added 2026/05/06 10:16 a.m.12 views

CVE-2026-43114

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapoavx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching functions are used. The test first loads a ranomly generated pipapo set with 'ipv4 . port' key, i.e. nft -...

9.4CVSS0.00356EPSS
Exploits0References11
cnnvd
cnnvd
added 2026/05/06 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an error in the mask used by the nftsetpipapoavx2 function when matching expired entries, which may lead...

9.4CVSS5.8AI score0.00356EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.10 views

PT-2026-37424

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter component, specifically within the nft set pipapo avx2 function. When AVX2 matching functions are used, the system may incorrectly return a non-matching...

9.4CVSS5.8AI score0.00356EPSS
Exploits0
nessus
nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012966)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012966 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over current view on netlink dump The generation mask can be update...

5.5CVSS6.8AI score0.00277EPSS
Exploits0References4
nessus
nessus
added 2026/04/21 12:0 a.m.9 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012987)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012987 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: do not free live element Pablo reports a crash with large batches of...

5.9CVSS6.4AI score0.01287EPSS
Exploits0References4
euvd
euvd
added 2026/03/25 12:30 p.m.5 views

EUVD-2026-15323

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

5.7AI score0.00125EPSS
Exploits0References7
ubuntucve
ubuntucve
added 2026/03/25 11:16 a.m.13 views

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References32
attackerkb
attackerkb
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References9Affected Software1
cvelist
cvelist
added 2026/03/25 10:27 a.m.25 views

CVE-2026-23351 netfilter: nft_set_pipapo: split gc into unlink and reclaim phase

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS0.00125EPSS
Exploits0References8
debiancve
debiancve
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

7.8CVSS5.3AI score0.00125EPSS
Exploits0
cve
cve
added 2026/03/25 10:27 a.m.29 views

CVE-2026-23351

CVE-2026-23351 affects the Linux kernel netfilter nft_set_pipapo data type. The issue is a use-after-free in the pipapo set when many elements are expired and the commit-time garbage collection (GC) can run for a long time in a non-preemptible context, triggering soft lockups and RCU stalls. The ...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References10Affected Software1
nessus
nessus
added 2026/03/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23351

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports...

7.8CVSS6.2AI score0.00125EPSS
Exploits0References3
nessus
nessus
added 2026/01/22 12:0 a.m.7 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-27017)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27017 advisory. - In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: walk over curre...

5.5CVSS6.7AI score0.00277EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/01/01 12:0 a.m.14 views

PT-2026-27716

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a use-after-free issue within the pipapo set type in the netfilter module. A large number of expired elements can cause the garbage collection process to run fo...

7.8CVSS5.8AI score0.00125EPSS
Exploits0
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-30866

Malicious code in bioql PyPI...

6.3AI score
Exploits0References4
Rows per page
Query Builder