163 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In cases where the non-paged data of an SKB contains a protocol header and payload that need to be transmitted on a platform where the DMA AXI address width is...
CVE-2026-7660
The Easy Updates Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter in versions up to, and including, 9.0.20 This is due to insufficient input sanitization and output escaping in the pagination function. This makes it possible for attackers to...
USN-8390-1 linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle vulnerability
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
USN-8389-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
CVE-2026-7660
The CVE concerns the Easy Updates Manager WordPress plugin (up to version 9.0.20). It is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter due to insufficient input sanitization and output escaping in the pagination() function, enabling injected scripts to run in pages when a...
CVE-2026-7660
The Easy Updates Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter in versions up to, and including, 9.0.20 This is due to insufficient input sanitization and output escaping in the pagination function. This makes it possible for attackers to...
EUVD-2026-32737
The Easy Updates Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter in versions up to, and including, 9.0.20 This is due to insufficient input sanitization and output escaping in the pagination function. This makes it possible for attackers to...
CVE-2026-7660 Easy Updates Manager <= 9.0.20 - Reflected Cross-Site Scripting via 'paged' Parameter
The Easy Updates Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter in versions up to, and including, 9.0.20 This is due to insufficient input sanitization and output escaping in the pagination function. This makes it possible for attackers to...
CVE-2026-7660 Easy Updates Manager <= 9.0.20 - Reflected Cross-Site Scripting via 'paged' Parameter
The Easy Updates Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter in versions up to, and including, 9.0.20 This is due to insufficient input sanitization and output escaping in the pagination function. This makes it possible for attackers to...
PT-2026-44205
The Easy Updates Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'paged' parameter in versions up to, and including, 9.0.20 This is due to insufficient input sanitization and output escaping in the pagination function. This makes it possible for attackers to...
CVE-2026-43503
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...
CVE-2026-43503 net: skbuff: propagate shared-frag marker through frag-transfer helpers
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...
CVE-2026-43503
The CVE-2026-43503 entry concerns Linux kernel net/skbuff handling: when frags are moved by frag-transfer helpers (notably __pskb_copy_fclone() and skb_shift()), the SKBFL_SHARED_FRAG flag was not propagated to the destination skb, causing destination pages to remain shared while skb_has_shared_f...
EUVD-2026-31536
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...
CVE-2026-43503
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...
PT-2026-42878
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.1-rc5 Description A local privilege escalation flaw, known as DirtyClone, exists in the Linux networking stack. The issue occurs because the SKBFL SHARED FRAG flag is not properly propagated through several...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021615)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021615 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:1959-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1959-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-5451...
SUSE-SU-2026:1899-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...
SUSE-SU-2026:1840-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issue: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264449. - CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present bsc1264450...