Lucene search
K

231 matches found

CVE
CVE
added 2 days ago18 views

CVE-2026-10665

CVE-2026-10665 concerns Zephyr’s WireGuard implementation (subsys/net/lib/wireguard). The flaw: wg_process_data_message() linearizes an inbound payload into a fixed pool buffer, passing the attacker-controlled data_len as both the destination capacity and copy length to net_buf_linearize, ignorin...

7.4CVSS6.2AI score0.00367EPSS
Exploits0References2
CVE
CVE
added 2026/06/26 2:50 p.m.126 views

CVE-2026-45257

CVE-2026-45257 : FreeBSD KTLS receive path decrypts in place, enabling an unprivileged local user to overwrite a file’s page cache via sendfile(2) data over a loopback connection when KTLS receive is enabled. This can corrupt the backing file and allow privilege escalation by overwriting setuid/t...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/25 9:16 a.m.13 views

CVE-2026-53235

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

7.5CVSS0.00466EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53184

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

7.5CVSS5.7AI score0.00506EPSS
Exploits0References9
OSV
OSV
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53235 net: add pskb_may_pull() to skb_gro_receive_list()

In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...

7.5CVSS5.8AI score0.00466EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53006

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: fix possible UAF in icmpv6rcv Caching saddr and daddr before pskbpull is problematic since skb-head can change. Remove these temporary variables: - We onl...

9.8CVSS5.6AI score0.00377EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.8 views

EUVD-2026-38941

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc: Clear HCIUARTPROTOINIT on error When hciregisterdev fails in hciuartregisterdev HCIUARTPROTOINIT is not cleared before calling hu-proto-closehu and setting hu-hdev to NULL. This means incoming UART data will...

5.8AI score0.00172EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: e1000: fixed an out-of-bounds error in e1000tbishouldaccept In e1000tbishouldaccept, we read the last byte of the frame via “datalength - 1” to evaluate the TBI workaround. If the descriptor’s reported length is zero or greater...

7.1CVSS6.2AI score0.00117EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: fix potential skb-frags overflow in the RX path When receiving data in the DPMAIF RX path, the t7xxdpmaifsetfragtoskb function adds page fragments to an skb without checking whether the number of fragments has...

8.4CVSS6AI score0.00136EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: sctp: Linearize cloned GSO packets in sctprcv. The cloned headskb still shares these frag SKBs in the fraglist with the original headskb. Accessing these frag SKBs is not safe. syzbot reported two bugs caused by the use of...

7.8CVSS6.7AI score0.00151EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51967

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Bluetooth component where HCI UART PROTO INIT is not cleared when hci register dev fails within the hci uart register dev function. This failure allows incoming UA...

6AI score0.00172EPSS
Exploits0References17
ATTACKERKB
ATTACKERKB
added 2026/06/22 11:58 p.m.5 views

CVE-2026-10658

A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In btisorecv subsys/bluetooth/host/iso.c, when processing PB=START/SINGLE fragments, the code pulls a TS SDU header 8 bytes, ts=1 or a non-TS SDU header 4 bytes, ts=0 without firs...

7.1CVSS5.9AI score0.00163EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.18 views

Astra Linux – Vulnerability in Linux 5.15

A null pointer dereference issue was detected in the can protocol in the net/can/afcan.c file in Linux before Linux. The mlpriv variable may not be initialized in the receive path of CAN frames. A local user could exploit this flaw to crash the system or potentially cause a denial of service...

5.5CVSS6.7AI score0.002EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2026/06/04 6:40 a.m.29 views

K000161576: Linux kernel vulnerabilities CVE-2025-39841 and CVE-2025-39727

Security Advisory Description CVE-2025-39841 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the ...

7.8CVSS6.8AI score0.00167EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:2 a.m.7 views

wifi: b43legacy: enforce bounds check on firmware key index in RX path

...

7.8CVSS5.4AI score0.00129EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC,...

7.5CVSS6.9AI score0.005EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 10:16 a.m.12 views

CVE-2026-46188

In the Linux kernel, the following vulnerability has been resolved: octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading t...

5.5CVSS0.00127EPSS
Exploits0References4
OSV
OSV
added 2026/05/28 10:16 a.m.10 views

UBUNTU-CVE-2026-46188

In the Linux kernel, the following vulnerability has been resolved: octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading t...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.10 views

CVE-2026-46163

In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacyrx can exceed dev-maxnrkeys. The existing B43legacyWARNON is non-enforcing in production builds...

5.7AI score0.00129EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/05/28 9:36 a.m.16 views

EUVD-2026-32790

In the Linux kernel, the following vulnerability has been resolved: wifi: b43legacy: enforce bounds check on firmware key index in RX path Same fix as b43: the firmware-controlled key index in b43legacyrx can exceed dev-maxnrkeys. The existing B43legacyWARNON is non-enforcing in production builds...

5.8AI score0.00129EPSS
Exploits0References5
Rows per page
Query Builder