CVE-2026-45970

In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...

ROS-20260407-73-0014

A vulnerability in the sctprcv function of the net/sctp/input.c module of the Linux kernel is associated with the use of an uninitialized variable. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...

net: sxgbe: fix potential NULL dereference in sxgbe_rx()

...

CVE-2025-55091 Potential out of bound read in _nx_ip_packet_receive()

In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxippacketreceive function when received an Ethernet with type set as IP but no IP data...

EUVD-2025-25579

Malicious code in bioql PyPI...

atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().

...

OESA-2025-1726 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more...

CVE-2022-49940 tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: add sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can happen when attempting to access the "gsm-receive" function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only call...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from ngsm not performing a null pointer check on gsm-receive, which could result in a null pointer dereference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the amtrcv function not releasing an incoming skb when a socket is not found, potentially leading to a memor...

DEBIAN-CVE-2022-49015

In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netifrx which may free it, after calling this, dereferencing skb may trigger use-after-free...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the sendrecv function in the drm/xe/ct subsystem, which could lead to a kernel...

kernel: tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: add sanity check for gsm-receive in gsmreceivebuf A null pointer dereference can happen when attempting to access the "gsm-receive" function in gsmldreceivebuf. Currently, the code assumes that gsm-recieve is only call...

CVE-2024-26861

In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receivingcounter.counter Syzkaller with KCSAN identified a data-race issue when accessing keypair-receivingcounter.counter. Use READONCE and WRITEONCE annotations to mark the data rac...

CVE-2023-40296

async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in ReceiveFrom and Receive in udpsocket.hpp when processing malformed UDP packets...

receive function allows any user to lose funds

Lines of code Vulnerability details Impact Lending ledger receive function allows for any user to send funds and lose them forever. Proof of Concept Any user that sends funds to the Lending Ledger contract through the receive function, can't withdraw their funds meaning they would be stuck in...

No Receive functiion in TemporalGovernor contract

Lines of code Vulnerability details Impact The function executeProposal in TemporalGovernor contract will fail, if there is a value to send with the call to the targets executeProposal function could send native token out along with a call to the targets encoded in vm.payload, but the current...

Attacker can Steal all eths of WETHRouter.sol through redeem function

Lines of code Vulnerability details Impact An attacker can Steal eths through redeem function in WETHRouter.sol as you know the contract does the redeem process and redeem user mTokens to ETHs, and as you know we have the function of mint which is the opposite of this and users deposit ETH in ord...

The NounsDAOLogicV3.sol contract has a receive function but no withdraw function.

Lines of code Vulnerability details Impact All Ether sent to the NounsDAOLogicV3.sol will be locked in the contract because it implements a receive function without a withdraw function. Proof of Concept The NounsDAOLogicV3.sol contract implements the receive function but does not have a withdraw...

NATIVE TOKENS TRANSFERRED TO THE LlamaAccount CONTRACT CAN GET STUCK

Lines of code Vulnerability details Impact In the LlamaAccount contract there is a payable recieve to receive native tokens as shown below: receive external payable Hence this contrat accepts native tokens sent to this. But the problem is if any amount of native token is sent to this contract via...