Lucene search
K

13 matches found

OSV
OSV
added 2026/06/17 10:34 a.m.4 views

USN-8390-2 linux-azure, linux-gcp, linux-hwe, linux-oracle vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits31References2
Ubuntu
Ubuntu
added 2026/06/17 10:34 a.m.16 views

USN-8390-2: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS5.8AI score0.93235EPSS
Exploits31
Ubuntu
Ubuntu
added 2026/06/04 9:13 p.m.19 views

USN-8390-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93235EPSS
Exploits31
RedHat Linux
RedHat Linux
added 2026/05/21 2:4 p.m.4 views

kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS6.4AI score0.00135EPSS
Exploits7References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: RX, Fixed XDP multi-buf fragment counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls bpfxdppulldata or bpfxdpadjusttail. The referenced commit in the fixes ta...

7.5CVSS6.1AI score0.00402EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/24 2:45 p.m.7 views

CVE-2026-31649

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbofrm chain-mode implementation unconditionally computes len = nopagedlen - bmax; where nopagedlen = skbheadlenskb linear bytes only and bmax is BUFSIZE8KiB or BUFSIZE2KiB...

9.8CVSS6.1AI score0.00406EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.5 views

PT-2026-35001

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer underflow exists in the jumbo frm chain-mode implementation within the stmmac network driver. The issue occurs when a packet has a small linear portion but a large total lengt...

9.8CVSS5.8AI score0.00406EPSS
Exploits0
NVD
NVD
added 2025/09/15 3:15 p.m.4 views

CVE-2022-50323

In the Linux kernel, the following vulnerability has been resolved: net: do not sense pfmemalloc status in skbappendpagefrags skbappendpagefrags is used by afunix and udp sendpage implementation so far. In commit 326140063946 "tcp: TX zerocopy should not sense pfmemalloc status" we explained why ...

5.5CVSS0.00143EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.3 views

PT-2025-37625

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was identified in the Linux kernel where skb append pagefrags does not properly handle pfmemalloc status. This issue impacts the af unix and udp sendpage implementations. The...

5.7AI score0.00143EPSS
Exploits0References5
OSV
OSV
added 2025/02/26 7:0 a.m.2 views

UBUNTU-CVE-2022-49093

In the Linux kernel, the following vulnerability has been resolved: skbuff: fix coalescing for pagepool fragment recycling Fix a use-after-free when using pagepool with page fragments. We encountered this problem during normal RX in the hns3 driver: 1 Initially we have three descriptors in the RX...

7.8CVSS6.1AI score0.00244EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2024/03/27 4:26 a.m.4 views

SUSE CVE-2021-47152

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...

5.5CVSS7.9AI score0.00232EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/25 12:0 a.m.6 views

PT-2024-11201 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the MPTCP protocol in the Linux kernel, where the mptcp frag can collapse to function assumes that only MPTCP will use the given page frag. However, if other...

5.5CVSS8.4AI score0.00232EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.4 views

PT-2022-34871 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: The issue is related to the skb append pagefrags function not checking the pfmemalloc status. This could potentially lead to security vulnerabilities, although the actual impact and attack...

7.2AI score
Exploits0References1
Rows per page
Query Builder