CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added yesterday•3 views

CVE-2026-46266

In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTORAW MUST drop incoming ICMP Yizhou Zhao reported that simply having one RAW socket on protocol IPPROTORAW 255 was dangerous. socketAFINET, SOCKRAW, 255; A malicious incoming ICMP packet can set the...

ATTACKERKB•added yesterday•1 views

CVE-2026-46266

Exploits0References6Affected Software1

CVE•added yesterday•2 views

CVE-2026-46266

The CVE-2026-46266 issue affects the Linux kernel’s RAW sockets using IPPROTO_RAW (255). A malicious incoming ICMP packet can set the protocol to 255 and match an existing RAW socket, potentially causing FNHE cache changes. The vulnerability is resolved in the Linux kernel by ensuring that incomi...

EUVD•added yesterday•2 views

EUVD-2026-34128

Cvelist•added yesterday•3 views

CVE-2026-46266 inet: RAW sockets using IPPROTO_RAW MUST drop incoming ICMP

Positive Technologies•added yesterday•2 views

PT-2026-46029

In the Linux kernel, the following vulnerability has been resolved: inet: RAW sockets using IPPROTO RAW MUST drop incoming ICMP Yizhou Zhao reported that simply having one RAW socket on protocol IPPROTO RAW 255 was dangerous. socketAF INET, SOCK RAW, 255; A malicious incoming ICMP packet can set...

RedHat Linux•added 2026/05/26 6:6 a.m.•5 views

Exploits0References6

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

A flaw was found in the Linux kernel's Controller Area Network CAN raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a...

7.8CVSS5.8AI score0.00016EPSS

RedHat Linux•added 2026/05/20 2:0 p.m.•15 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

7.8CVSS5.8AI score0.00016EPSS

RedHat Linux•added 2026/05/11 12:49 a.m.•2 views

kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()

7.8CVSS5.8AI score0.00016EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: raw: Fix NULL deref in rawgetnext. Dae R. Jeong reported a NULL deref in rawgetnext 0. It seems that the repro was running these sequences in parallel so that one thread was iterating on a socket that was being freed in another...

5.5CVSS6.4AI score0.00017EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

The IPv6 implementation in the Linux kernel before version 6.3 has a maxsize threshold in the net/ipv6/route.c file that can be easily exceeded. This can lead to a denial of service condition, where the network becomes unreachable, resulting in errors when IPv6 packets are sent through a raw sock...

7.5CVSS6.6AI score0.00084EPSS

Exploits0References2

CVE•added 2026/04/23 11:12 a.m.•67 views

CVE-2026-31532

CVE-2026-31532 affects the Linux kernel’s raw CAN socket implementation. A use-after-free can occur when, during unregistration of CAN receive filters, the kernel defers receiver deletion with RCU and frees per-CPU storage ro->uniq too early in raw_release(). The fix moves free_percpu(ro->u...

7.8CVSS5.7AI score0.00016EPSS

Exploits0References9Affected Software1

Tenable Nessus•added 2026/04/21 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013255)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013255 advisory. basesockcreate in drivers/isdn/mISDN/socket.c in the AFISDN network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivilege...

3.3CVSS6.9AI score0.00088EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013253)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013253 advisory. ieee802154create in net/ieee802154/socket.c in the AFIEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that...

3.3CVSS6.9AI score0.00099EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013265)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013265 advisory. llcpsockcreate in net/nfc/llcpsock.c in the AFNFC network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users ca...

3.3CVSS7.2AI score0.00071EPSS

Tenable Nessus•added 2026/04/21 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013246)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013246 advisory. ax25create in net/ax25/afax25.c in the AFAX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users c...

3.3CVSS7.2AI score0.00087EPSS