Lucene search
K

406 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/03 7:15 p.m.6 views

CVE-2026-14605

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...

8.5CVSS6.2AI score0.00141EPSS
Exploits0References6
CVE
CVE
added 2026/07/03 7:15 p.m.20 views

CVE-2026-14605

CVE-2026-14605 affects RT-Thread up to 5.0.2. The vulnerability is in the function recvmsg within bsp/loongson/ls1cdev/libraries/ls1c_can.h of the ls1c CAN Handler . It enables a stack-based buffer overflow when processing input, with local access required to exploit. Public exploit code exists. ...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 12:16 a.m.13 views

CVE-2026-10643

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS0.0012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/27 10:59 p.m.9 views

CVE-2026-10643

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS6AI score0.0012EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/27 10:59 p.m.8 views

CVE-2026-10643 Out-of-bounds heap write in Zephyr `recvmsg()` ancillary-data path (`insert_pktinfo` undersizes the control-buffer capacity check)

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS6.2AI score0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/27 10:59 p.m.30 views

CVE-2026-10643 Out-of-bounds heap write in Zephyr `recvmsg()` ancillary-data path (`insert_pktinfo` undersizes the control-buffer capacity check)

Zephyr's IP socket recvmsg implementation subsys/net/lib/sockets/socketsinet.c, insertpktinfo validated the user-supplied ancillary msgcontrol buffer using only the payload length msg-msgcontrollen pktinfolen before writing a full control message consisting of an aligned cmsg header plus the...

8.7CVSS0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/06/27 10:59 p.m.21 views

CVE-2026-10643

Zephyr CVE-2026-10643 affects the IP socket recvmsg() ancillary-data path (insert_pktinfo in subsys/net/lib/sockets/sockets_inet.c). A check only compared msg_controllen to pktinfo_len, omitting the cmsg header size, allowing an under-checked window (e.g., 16–27 bytes for IPv4 IP_PKTINFO on a 64‑...

8.7CVSS6.2AI score0.0012EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/27 12:0 a.m.27 views

PT-2026-53076

Name of the Vulnerable Software and Affected Versions Zephyr versions 3.6.0 through 4.4.0 Description An out-of-bounds write exists in the IP socket recvmsg implementation within the insert pktinfo function. The issue occurs because the system validates the user-supplied ancillary msg control...

8.7CVSS6.1AI score0.0012EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed a soft lockup in mptcprecvmsg syzbot reported a soft lockup in mptcprecvmsg 0. When receiving data with the MSGPEEK | MSGWAITALL flags, the skb is not removed from the skreceivequeue. This causes skwaitdata to always...

7.5CVSS5.8AI score0.00329EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: rds: Fixed a memory leak in rdsrecvmsg. Syzbot reported a memory leak in rds. The problem occurred when the reference count was not decremented in case of an error. The function rdsrecvmsgstruct socket sock, struct msghdr ms...

5.5CVSS5.7AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate lockless accesses to nlk-maxrecvmsglen. syzbot reported a data race in netlinkrecvmsg. Indeed, netlinkrecvmsg can be executed concurrently, and netlinkdump also requires protection. 1 Bug: KCSAN: Data race in...

5.9AI score0.00208EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: bpf, sockmap: Fixed an infinite loop issue when len is 0 in the tcpbpfrecvmsg parser. When the buffer length of the recvmsg system call is 0, a soft lockup problem occurred. watchdog: BUG: Soft lockup – CPU3 stuck for 27...

5.5CVSS6.1AI score0.00155EPSS
Exploits0References2
CVE
CVE
added 2026/05/01 2:15 p.m.12 views

CVE-2026-31774

The CVE-2026-31774 issue affects the Linux kernel io_uring/net path. A 32-bit length value (sqe->len) is stored into sr->len (int), allowing values above INT_MAX (e.g., 0xFFFFFFFF) to overflow and propagate through the bundle recv/send path. This can cause a slab-out-of-bounds read in io_bu...

7.1CVSS5.8AI score0.00125EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/27 11:9 a.m.5 views

CVE-2026-31677

A flaw was found in the Linux kernel's afalg Algorithm Interface component. This vulnerability allows a local attacker to cause a denial of service DoS by sending specially crafted requests. The afalggetrsgl function fails to properly limit the extraction of receive scatterlist RX SG data based o...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/25 8:46 a.m.6 views

EUVD-2026-25644

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - limit RX SG extraction by receive buffer budget Make afalggetrsgl limit each RX scatterlist extraction to the remaining receive buffer budget. afalggetrsgl currently uses afalgreadable only as a gate before...

5.6AI score0.00114EPSS
Exploits0References4
CVE
CVE
added 2026/04/25 8:46 a.m.39 views

CVE-2026-31677

The CVE-2026-31677 issue affects the Linux kernel af_alg path. The root cause is that af_alg_get_rsgl() could extract RX scatterlist data beyond the remaining receive budget, allowing a local attacker to trigger a DoS via recvmsg when there isn’t enough RX space for a chunk. The fix tightens budg...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.13 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013835)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013835 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer...

5.5CVSS5.8AI score0.00155EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013000)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013000 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk-maxrecvmsglen syzbot reported a data-race in data-race...

5.6AI score0.00208EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007348)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007348 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: afbluetooth: Fix deadlock Attemting to do socklock on .recvmsg may cause a deadlock as...

6.5CVSS6.4AI score0.00489EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29721

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to the handling of asynchronous decryption within the TLS Transport Layer Security protocol. Specifically, the async hold queue, used to manage...

7.8CVSS5.8AI score0.00238EPSS
Exploits0References265
Rows per page
Query Builder