Lucene search
K

210 matches found

RedHat Linux
RedHat Linux
added 2026/05/26 6:40 a.m.11 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.16 views

PT-2026-43342

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service...

4.7CVSS5.8AI score0.00092EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/23 8:1 a.m.11 views

Gnutls: gnutls: denial of service via dtls packet reordering vulnerability

...

7.5CVSS5.8AI score0.01335EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

The reordering of instructions resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR...

8.8CVSS7.2AI score0.01386EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed issues related to data races around sysctltcpmaxreordering. When modifying sysctltcpmaxreordering, it’s possible for multiple changes to occur simultaneously. Therefore, we need to add READONCE to its readers...

4.7CVSS6AI score0.00181EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 1:16 p.m.7 views

ALPINE-CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/18 12:44 p.m.89 views

CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS0.01335EPSS
Exploits0References22
CVE
CVE
added 2026/05/18 12:44 p.m.40 views

CVE-2026-42009

CVE-2026-42009 affects the GnuTLS library, where DTLS packet reordering uses a comparator that mishandles duplicate sequence numbers. This can cause unstable DTLS packet ordering or undefined behavior, leading to a denial of service. The vulnerability is described consistently across NVD entries ...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References23Affected Software4
Vulnrichment
Vulnrichment
added 2026/05/18 12:44 p.m.15 views

CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References22
ATTACKERKB
ATTACKERKB
added 2026/05/18 12:44 p.m.10 views

CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References23
RedhatCVE
RedhatCVE
added 2026/05/18 12:44 p.m.18 views

CVE-2026-42009

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.8AI score0.01335EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/11 2:13 p.m.23 views

SUSE CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

5.8AI score0.00132EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/08 11:30 p.m.9 views

CVE-2026-43427

A flaw was found in the Linux kernel's USB CDC WDM driver. Due to compiler optimizations or CPU out-of-order execution, a memory reordering issue can occur during the read operation. This can lead to the driver accessing uninitialized memory, potentially resulting in information disclosure to a...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.14 views

EUVD-2026-28733

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

5.8AI score0.00132EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.12 views

CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References10
OSV
OSV
added 2026/05/08 3:16 p.m.6 views

UBUNTU-CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

7.1CVSS5.7AI score0.00132EPSS
Exploits0References11
CVE
CVE
added 2026/05/08 2:22 p.m.30 views

CVE-2026-43427

The CVE covers a Linux kernel issue in the usb: class: cdc-wdm read path. Due to compiler optimization or CPU out-of-order execution, desc->length could be updated after a memmove, causing wdm_read() to observe a new length and copy_to_user() from uninitialized memory, violating LKMM data race...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.8 views

CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

7.1CVSS5.8AI score0.00132EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-39088

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reordering issue exists in the read code path of the usb class cdc-wdm. Due to compiler optimization or CPU out-of-order execution, the desc-length update may occur before the memmove...

7.1CVSS5.9AI score0.00132EPSS
Exploits0References130
Vulnrichment
Vulnrichment
added 2026/04/28 6:9 p.m.4 views

CVE-2026-41395 OpenClaw < 2026.3.28 - Webhook Replay via Query Parameter Reordering in Plivo V3

OpenClaw before 2026.3.28 contains a webhook replay vulnerability in Plivo V3 signature verification that canonicalizes query ordering for signatures but hashes raw URLs for replay detection. Attackers can reorder query parameters to bypass replay cache detection and trigger duplicate voice-call...

8.2CVSS5.2AI score0.00149EPSS
Exploits0References2
Rows per page
Query Builder