Lucene search
K

16 matches found

NVD
NVD
added 2026/06/28 12:16 a.m.12 views

CVE-2026-10643

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS0.0012EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fixed an out-of-bounds shift in the group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the...

5.5CVSS5.9AI score0.00259EPSS
Exploits0References2
OSV
OSV
added 2025/02/26 7:0 a.m.1 views

DEBIAN-CVE-2022-49197

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

5.5CVSS5.2AI score0.00259EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.3 views

UBUNTU-CVE-2022-49197

In the Linux kernel, the following vulnerability has been resolved: afnetlink: Fix shift out of bounds in group mask calculation When a netlink message is received, netlinkrecvmsg fills in the address of the sender. One of the fields is the 32-bit bitfield nlgroups, which carries the multicast...

5.5CVSS5.8AI score0.00259EPSS
Exploits0References12
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.5 views

SUSE CVE-2010-1188

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

7.1CVSS6.6AI score0.03307EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.4 views

SUSE CVE-2017-6074

The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service double free via an application that makes an IPV6RECVPKTINF...

7.8CVSS5.9AI score0.0596EPSS
Exploits13References14
Broadcom
Broadcom
added 2017/05/02 12:0 a.m.6 views

BSA-2017-265

Security Advisory ID : BSA-2017-265 Component : Linux Kernel Revision : 2.0: Interim Thedccprcvstateprocessfunction in net/dccp/input.cin the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cau...

7.8CVSS7.7AI score0.0596EPSS
Exploits13
RedHat Linux
RedHat Linux
added 2017/03/14 2:50 p.m.4 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
RedHat Linux
RedHat Linux
added 2017/03/02 4:54 p.m.10 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
RedHat Linux
RedHat Linux
added 2017/03/01 3:44 p.m.2 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
RedHat Linux
RedHat Linux
added 2017/02/24 3:56 p.m.18 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
RedHat Linux
RedHat Linux
added 2017/02/22 4:22 p.m.4 views

kernel: use after free in dccp protocol

A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol DCCP implementation freed SKB socket buffer resources for a DCCPPKTREQUEST packet when the IPV6RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the...

7.8CVSS7.1AI score0.0596EPSS
Exploits13References5
OSV
OSV
added 2017/02/18 9:59 p.m.1 views

DEBIAN-CVE-2017-6074

The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service double free via an application that makes an IPV6RECVPKTINF...

7.8CVSS7.3AI score0.0596EPSS
Exploits13References1
OSV
OSV
added 2017/02/14 6:59 a.m.1 views

DEBIAN-CVE-2017-5970

The ipv4pktinfoprepare function in net/ipv4/ipsockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service system crash via 1 an application that makes crafted system calls or possibly 2 IPv4 traffic with invalid IP options...

7.5CVSS7.7AI score0.03915EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/05/18 10:3 p.m.3 views

kernel: ipv6: skb is unexpectedly freed

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

7.1CVSS5.8AI score0.03307EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/04/27 12:46 p.m.6 views

kernel: ipv6: skb is unexpectedly freed

Use-after-free vulnerability in net/ipv4/tcpinput.c in the Linux kernel 2.6 before 2.6.20, when IPV6RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service kernel panic via a SYN packet while the socket is in a listening TCPLISTEN state, which is not properl...

7.1CVSS5.8AI score0.03307EPSS
Exploits1References4
Rows per page
Query Builder