6 matches found
Advisory ROSA-SA-2026-3294
CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of the Linux kernel. A logical error occurs when transitioning a TCP socket to the espintcp mode after writing file data to the receive queue. The kernel processes file...
EUVD-2026-23032
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
CVE-2026-6245
CVE-2026-6245 affects the System Security Services Daemon (SSSD) PAM passkey responder. The pam_passkey_child_read_data() function mishandles raw bytes from a pipe, treating them as a NUL-terminated C string, causing an out-of-bounds read (Crash) and local DoS. Affected: SSSD PAM responder; vecto...
CVE-2026-6245
A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002626)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002626 advisory. fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service memory consumption ...
UBUNTU-CVE-2016-2847
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service memory consumption by creating many pipes with non-default sizes...