5627 matches found
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Free routing table on probe failure If complete is set to true in dsatreesetup, it means that we are the last switch in the tree that is being probed successfully. We should then set up all switches along our probe path...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: KVM: Do not corrupt the irqfd routing entry when deassigning an irqfd When deassigning a KVMIRQFD, do not corrupt the irqfd’s copy of the IRQ routing entry. Doing so will break the kvmarchirqbypassdelproducer function on x86 a...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed out-of-bound access in fib6addrt2node. syzbot reported an out-of-bound read in fib6addrt2node. 0 When an IPv6 route is created with RTANHID, the struct fib6info does not have the trailing struct fib6nh. The referenced...
CVE-2026-52925
In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...
UBUNTU-CVE-2026-52925
In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...
EUVD-2026-38728
In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...
CVE-2026-52925 vrf: Fix a potential NPD when removing a port from a VRF
In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...
[SECURITY] Fedora 44 Update: frr-10.6.1-1.fc44
FRRouting is free software that manages TCP/IP based routing protocols. It ta kes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...
PT-2026-51718
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Null Pointer Dereference NPD can occur when removing a port from a Virtual Routing and Forwarding VRF instance. RCU readers using netif is l3 slave may incorrectly assume that netdev...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ipv6: rpl: Reserve enough headroom for the MAC header when recompressing the SRH. The function ipv6rplsrhrcv decompresses the RFC 6554 Source Routing Header, swaps the next segment into ipv6hdr-daddr, recompresses it, and then...
Security Advisory 0142
Security Advisory 0142 PDF Date: June 23, 2026 Revision | Date | Changes ---|---|--- 1.0 | June 23, 2026 | Initial release 1.1 | July 8, 2026 | Updated Resolution and Mitigation sections The CVE-ID tracking this issue: CVE-2026-12546 CVSSv3.1 Base Score: 6.0...
CVE-2026-55602 http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass
http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request...
CVE-2026-55602
http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request...
CVE-2026-55602
The CVE-2026-55602 issue affects http-proxy-middleware (Node.js) versions 0.16.0 through 2.0.10, 3.0.6, and 4.1.0. The host+path router uses unanchored substring matching on attacker-controlled request metadata, enabling a crafted Host header that is a superstring match for a configured key to ro...
CVE-2026-55602 http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass
http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request...
USN-8459-1: HAProxy vulnerabilities
It was discovered that HAProxy incorrectly handled the FCGI demultiplexer record length field. A remote attacker could possibly use this issue to cause incorrect request routing, response smuggling, or other memory safety issues. CVE-2026-55203 It was discovered that HAProxy failed to validate th...
CVE-2026-48772
A flaw was found in ProxySQL, a proxy for MySQL and its forks, as well as PostgreSQL. A remote attacker can exploit this vulnerability by sending a specially crafted PROXY protocol version 1 PP1 header with an 'UNKNOWN' protocol token. Despite the specification requiring these address fields to b...
kernel: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
A flaw was found in the Linux kernel. A local attacker can exploit an out-of-bounds write vulnerability when the kernel recomputes an IPv6 Source Routing Header SRH. This issue occurs because insufficient headroom is reserved during the recompression process, leading to memory corruption...
kernel: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
A flaw was found in the Linux kernel. A local attacker can exploit an out-of-bounds write vulnerability when the kernel recomputes an IPv6 Source Routing Header SRH. This issue occurs because insufficient headroom is reserved during the recompression process, leading to memory corruption...
[SECURITY] Fedora 43 Update: alertmanager-0.33.0-1.fc43
The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It a lso takes care of silencing and inhibition of alerts...