Lucene search
K

122 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 3:35 p.m.7 views

CVE-2026-52974

A flaw was found in the Linux kernel's network Transport Layer Security TLS module. Specifically, a memory leak occurs during the setup of receive offload when a particular function fails. This issue can lead to the gradual consumption of system memory. If exploited repeatedly, this could result ...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:39 a.m.8 views

CVE-2026-53235

Summary of technical details (CVE-2026-53235) : The Linux kernel GRO receive path had a bug in skb_gro_receive_list() where skb_pull(skb, skb_gro_offset(skb)) could run without ensuring the data is linear (missing pskb_may_pull() guard). When packets arrive via napi_gro_frags(), skb_headlen can b...

7.5CVSS5.7AI score0.00466EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:28 p.m.11 views

CVE-2026-52974

Summary of CVE-2026-52974 (Linux kernel net: tls): The leak is a memory leak in the TLS offload RX path where, if tls_set_device_offload_rx() fails in tls_dev_add(), the cleanup path does not free the anchor skb allocated in tls_strp_init(). This occurs in the “failed to start offload” code path ...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/22 6:28 a.m.8 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/22 5:29 a.m.5 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00129EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: The shift timestamp is now set to full 32 bits. In commit 1be37d3b0414 “can: mcan: fix periph RX path: use rx-offload to ensure that packets are sent from the softirq context”, the RX path for...

5.5CVSS5.5AI score0.00243EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.8 views

SUSE CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7CVSS5.3AI score0.00129EPSS
Exploits0References25
RedhatCVE
RedhatCVE
added 2026/06/09 1:41 p.m.10 views

CVE-2026-46323

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS5.4AI score0.00129EPSS
Exploits0References10
NVD
NVD
added 2026/06/09 1:16 p.m.17 views

CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS0.00129EPSS
Exploits0References12
OSV
OSV
added 2026/06/09 1:16 p.m.6 views

UBUNTU-CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS5.3AI score0.00129EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/09 12:11 p.m.12 views

EUVD-2026-35413

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

5.4AI score0.00129EPSS
Exploits0References5
CVE
CVE
added 2026/06/09 12:11 p.m.72 views

CVE-2026-46323

CVE-2026-46323 affects the Linux kernel’s networking GRO path. The issue occurs in skb_gro_receive() where fragments can be copied between the source and GRO skbs without respecting zerocopy status, notably when SKBFL_MANAGED_FRAG_REFS is set. When this flag is present, pages in shinfo->frags ...

7.8CVSS5.4AI score0.00129EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.11 views

PT-2026-47760

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The skb gro receive function fails to check the zerocopy status, specifically the SKBFL MANAGED FRAG REFS flag, when copying fragments between the source and Generic Receive Offload GRO...

7.8CVSS5.2AI score0.00129EPSS
Exploits0
OSV
OSV
added 2026/05/15 5:55 p.m.7 views

CLSA-2026-1778867412 kernel: Fix of CVE-2026-46300

net: skbuff: propagate shared-frag marker through skbgroreceive + skbshift CVE-2026-46300 - Revert "net: gro: propagate SKBFLSHAREDFRAG through skbgroreceive"...

7.8CVSS6AI score0.03663EPSS
Exploits11References1
Tenable Nessus
Tenable Nessus
added 2026/04/26 12:0 a.m.6 views

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014322)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014322 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the virtual interface's...

5.6AI score0.00191EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-011338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011338 advisory. In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the virtual interface's...

5.9AI score0.00191EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/18 6:31 p.m.5 views

EUVD-2026-12884

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.4AI score0.00114EPSS
Exploits0References5
OSV
OSV
added 2026/03/18 6:16 p.m.4 views

DEBIAN-CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.5CVSS5AI score0.00114EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/18 6:16 p.m.5 views

CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:41 p.m.6 views

CVE-2026-23254

In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...

5.4AI score0.00114EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder