56 matches found
UBUNTU-CVE-2026-46000
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...
CVE-2026-43500
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...
UBUNTU-CVE-2026-43500
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...
CVE-2026-43500
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...
Linux kernel 缓冲区错误漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. The Linux kernel has a buffer error vulnerability, which stems from the lack of separation of paginated fragments during the processing of DATA and RESPONSE packets in...
Unbreakable Enterprise kernel security update
6.12.0-202.76.4.1 - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present Hyunwoo Kim Orabug: 39344513 CVE-2026-43500 - rxrpc: Fix conn-level packet handling to unshare RESPONSE packets David Howells Orabug: 39344513 - rxrpc: only handle RESPONSE during service challenge Wang Jie...
CLSA-2026-1778267481 Update of kernel-uek
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present - xfrm: esp: avoid in-place decrypt on shared skb frags...
CVE-2026-31676
A flaw was found in the rxrpc subsystem of the Linux kernel. This vulnerability allows for duplicate or late RESPONSE packets to be processed outside of the expected service challenging state. An attacker could potentially exploit this by sending specially crafted RESPONSE packets, leading to the...
CVE-2026-31676
In the Linux kernel, the following vulnerability has been resolved: rxrpc: only handle RESPONSE during service challenge Only process RESPONSE packets while the service connection is still in RXRPCCONNSERVICECHALLENGING. Check that state under statelock before running response verification and...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper state checking in the rxrpc service challenge phase. This vulnerability may lead to...
CVE-2021-31228
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker to predict a DNS query's source port in order to send forged DNS response packets that will be accepted as valid answers to the DNS client's requests without sniffing the specific request. Data is...
EUVD-2014-2208
Malware in sbrugna...
EUVD-2022-24647
Malicious code in bioql PyPI...
CVE-2024-3388
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal...
CVE-2023-35867
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service DoS situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle...
PT-2023-22598 · Unknown · Bluetooth Le Stack
Name of the Vulnerable Software and Affected Versions: Bluetooth LE stack affected versions not specified Description: Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access. Recommendations: At the moment, there is no information abo...
CVE-2022-33222
CVE-2022-33222 is a vulnerability described across multiple sources as an information disclosure caused by a buffer over-read when parsing DNS response packets in a Modem. The effect is a confidentiality impact (high) with no integrity/availability impact per the primary NVD entry, though CVSS ve...
undertow: Double AJP response for 400 from EAP 7 results in CPING failures
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second...
undertow: Double AJP response for 400 from EAP 7 results in CPING failures
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second...
CVE-2022-1319
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second...