9 matches found
SUSE CVE-2026-45905
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
CVE-2026-45905 xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path
In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...
PT-2026-43772
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the icmp route lookup function during the reverse path process for sending ICMP error messages with XFRM IPsec policies. When the system acts as a forwarding...
CVE-2026-20742 Copeland XWEB and XWEB Pro OS Command Injection
An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38324)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38324 advisory. - In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcudereferencertnl in...
OESA-2025-1923 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipc: fix to protect IPCS lookups using RCU syzbot reported that it discovered a use-after-free vulnerability, 0 0: https://lore.kernel.org/all/CVE-2025-38212 In...
DEBIAN-CVE-2025-38324
In the Linux kernel, the following vulnerability has been resolved: mpls: Use rcudereferencertnl in mplsrouteinputrcu. As syzbot reported 0, mplsrouteinputrcu can be called from mplsgetroute, where is under RTNL. net-mpls.platformlabel is only updated under RTNL. Let's use rcudereferencertnl in...
The vulnerability of the mctproute_input() function in the implementation of the Management Component Transport Protocol (MCTP) kernel of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the mctprouteinput function in the net/mctp/route.c module, which is part of the Management Component Transport Protocol MCTP implementation in the Linux operating system, relates to the reutilization of previously freed memory. Exploiting this vulnerability could allow an...
security flaw
iprouteinput in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service panic via a request for a route for a multicast IP address, which triggers a null dereference...