1130 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000348)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000348 advisory. A flaw was found in the HDLCPPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation i...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2026-1002)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2026-1005)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()
...
SUSE CVE-2022-50655
In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the following: r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc0802, 0x0 ioctl$PPPIOCNEWUNITr0, 0xc004743e, &0x7f00000000c0...
SUSE CVE-2023-53809
In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...
Linux Distros Unpatched Vulnerability : CVE-2022-50655
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the following: r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc080...
EUVD-2023-60097
In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...
EUVD-2022-55701
In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the following: r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc0802, 0x0 ioctl$PPPIOCNEWUNITr0, 0xc004743e, &0x7f00000000c0...
CVE-2025-14208
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
CVE-2022-50655
In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the following: r0 = openat$ppp0xffffffffffffff9c, &0x7f0000000000, 0xc0802, 0x0 ioctl$PPPIOCNEWUNITr0, 0xc004743e, &0x7f00000000c0...
CVE-2025-14208
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
CVE-2025-14208
CVE-2025-14208 affects D-Link DIR-823X devices up to 20250416. The vulnerability resides in the function sub_415028 of /goform/set_wan_settings, where manipulating the argument ppp_username leads to command injection. Exploitation can be performed remotely, and public proof-of-concept/exploit mat...
CVE-2025-14208 D-Link DIR-823X set_wan_settings sub_415028 command injection
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
CVE-2025-14208 D-Link DIR-823X set_wan_settings sub_415028 command injection
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub415028 of the file /goform/setwansettings. The manipulation of the argument pppusername results in command injection. It is possible to launch the attack remotely. The exploit has been released to...
D-Link DIR-823X 命令注入漏洞
The D-Link DIR-823X is a wireless router from China-based AUO D-Link. A command injection vulnerability exists in the D-Link DIR-823X 20250416 and earlier versions, which stems from incorrect manipulation of the parameter pppusername in the file /goform/setwansettings, which can lead to command...
SUSE SLES15: cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc (SUSE-SU-2025:4301-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4301-1 advisory. The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues The following security issues were fixed: -...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
SUSE-SU-2025:4301-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister...
SUSE-SU-2025:21064-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38008: mm/pagealloc: fix race condition in unaccepted memory handling bsc1244939. - CVE-2025-38539: trace/fgraph: Fix the warning caused by...