Lucene search
K

13 matches found

EUVD
EUVD
added 2026/06/24 7:14 a.m.9 views

EUVD-2026-38705

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

5.9AI score0.0012EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51706

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the batman-adv module. When a batadv hard iface is disabled, its mesh iface pointer is set to NULL. The function batadv v ogm send meshif may still...

6AI score0.00122EPSS
Exploits0References18
CVE
CVE
added 2026/06/16 1:13 p.m.13 views

CVE-2026-10637

CVE-2026-10637 describes a use-after-free in Zephyr’s IPv6 MLD path: after net_send_data(pkt) returns, the code reads net_pkt_iface(pkt) from a freed net_pkt, risking NULL or stale pointers and potential crash or memory corruption. The root cause is violating the network stack ownership contract;...

7.1CVSS5.4AI score0.00299EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/06/16 1:12 p.m.27 views

CVE-2026-10636 Use-after-free in Zephyr IPv4 IGMP send path (igmp_send)

In Zephyr's IPv4 IGMP implementation, igmpsend in subsys/net/ip/igmp.c read the network interface back out of the packet via netpktifacepkt after the packet had been handed to netsenddata. On the successful-send path the packet's last reference may already have been released by the L2 driver or b...

3.7CVSS0.00261EPSS
Exploits1References2
CVE
CVE
added 2026/06/16 1:12 p.m.28 views

CVE-2026-10636

CVE-2026-10636 affects Zephyr’s IPv4 IGMP send path (igmp_send) where net_pkt_iface(pkt) dereferences a freed net_pkt after handoff to net_send_data. The underlying cause is use-after-free: on the successful-send path the packet’s last reference may be released by the L2 driver or TX handling, ye...

3.7CVSS5.4AI score0.00261EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.28 views

CVE-2026-43186 ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()

In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in ioam6filltracedata On the receive path, ioam6filltracedata uses trace-nodelen to decide how much data to write for each node. It trusts this field as-is from the incoming packet, with no...

9.8CVSS0.00642EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/04/27 11:24 p.m.8 views

CVE-2026-41371

OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and force new session IDs without requiring admin sco...

8.5CVSS5.3AI score0.00255EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.6 views

CVE-2022-50854

In the Linux kernel, the following vulnerability has been resolved: nfc: virtualncidev: Fix memory leak in virtualncisend skb should be free in virtualncisend, otherwise kmemleak will report memleak. Steps for reproduction simulated in qemu: cd tools/testing/selftests/nci make ./ncidev BUG: memor...

5.7AI score0.00166EPSS
Exploits0References5
NVD
NVD
added 2025/12/09 4:17 p.m.6 views

CVE-2023-53839

In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the socket. Same thing in dodccpgetsockopt. Add READONCE/WRITEONCE annotations, and change dccpsendmsg to check again dccpsmsscache aft...

0.00225EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/12/05 4:8 p.m.4 views

CVE-2025-40264

No description is available for this CVE...

5.5CVSS6.5AI score0.00189EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/01 2:11 p.m.2 views

CVE-2022-49922 nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix potential memory leak in nfcmrvli2cncisend nfcmrvli2cncisend will be called by nfcmrvlncisend, and skb should be freed in nfcmrvli2cncisend. However, nfcmrvlncisend will only free skb when i2cmastersend return =...

6.1AI score0.00155EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/05/21 3:30 p.m.14 views

CVE-2023-52767 tls: fix NULL deref on tls_sw_splice_eof() with empty record

In the Linux kernel, the following vulnerability has been resolved: tls: fix NULL deref on tlsswspliceeof with empty record syzkaller discovered that if tlsswspliceeof is executed as part of sendfile when the plaintext/ciphertext skmsg are empty, the send path gets confused because the empty...

6.9AI score0.00172EPSS
Exploits0References3
OSV
OSV
added 2024/02/27 7:4 p.m.7 views

UBUNTU-CVE-2021-46973

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Avoid potential use after free in MHI send It is possible that the MHI ulcallback will be invoked immediately following the queueing of the skb for transmission, leading to the callback decrementing the refcount of the...

8.4CVSS5.8AI score0.00236EPSS
Exploits0References6
Rows per page
Query Builder