CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

413 matches found

OSV•added 2024/12/27 3:15 p.m.•1 views

DEBIAN-CVE-2024-56633

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: Fix the skmemuncharge logic in tcpbpfsendmsg The current sk memory accounting logic in SKREDIRECT is pre-uncharging tosend bytes, which is either msg-sg.size or a smaller value applybytes. Potential problems with this...

7.8CVSS5.6AI score0.00022EPSS

Exploits0References1

OSV•added 2024/12/27 3:15 p.m.•0 views

UBUNTU-CVE-2024-56633

7.8CVSS6.2AI score0.00022EPSS

Exploits0References46

CNNVD•added 2024/12/27 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates in the skmemuncharge logic of the tcpbpfsendmsg function in the tcpbpf module...

7.8CVSS6.6AI score0.00022EPSS

Exploits0References8

RedHat Linux•added 2024/11/13 3:59 p.m.•2 views

kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data races in unixreleasesock/unixstreamsendmsg A data-race condition has been identified in afunix. In one data path, the write function unixreleasesock atomically writes to sk-skshutdown using WRITEONCE. However, on...

4.7CVSS6.7AI score0.0002EPSS

Exploits0References5

SUSE CVE•added 2024/09/19 3:9 a.m.•1 views

SUSE CVE-2024-46783

In the Linux kernel, the following vulnerability has been resolved: tcpbpf: fix return value of tcpbpfsendmsg When we cork messages in psock-cork, the last message triggers the flushing will result in sending a skmsg larger than the current message size. In this case, in tcpbpfsendverdict, 'copie...

5.5CVSS6.3AI score0.00016EPSS

Exploits0References18

OSV•added 2024/09/18 8:15 a.m.•0 views

DEBIAN-CVE-2024-46783

5.5CVSS5.6AI score0.00016EPSS

Exploits0References1

Debian CVE•added 2024/09/18 7:12 a.m.•12 views

CVE-2024-46783

5.5CVSS5.6AI score0.00016EPSS

Exploits0

RedHat Linux•added 2024/09/03 3:48 p.m.•1 views

kernel: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg

4.7CVSS6.7AI score0.0002EPSS

Exploits0References5

OSV•added 2024/08/31 2:15 p.m.•0 views

UBUNTU-CVE-2024-44946

In the Linux kernel, the following vulnerability has been resolved: kcm: Serialise kcmsendmsg for the same socket. syzkaller reported UAF in kcmrelease. 0 The scenario is 1. Thread A builds a skb with MSGMORE and sets kcm-seqskb. 2. Thread A resumes building skb from kcm-seqskb but is blocked by...

5.5CVSS6.2AI score0.00231EPSS

Exploits0References23

OSV•added 2024/08/29 11:15 a.m.•21 views

CVE-2021-4442

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

5.5CVSS6.6AI score

Exploits0References5

UbuntuCve•added 2024/08/29 11:15 a.m.•17 views

CVE-2021-4442

5.5CVSS6.4AI score0.00023EPSS

Exploits1References7

CVE•added 2024/08/29 9:5 a.m.•97 views

CVE-2021-4442

CVE-2021-4442 – The Linux kernel TCP stack vulnerability described as: a syzkaller repro could cause RCV_SEQ to be advanced after data restoration in the receive queue, enabling an out-of-order or invalid sequence handling when TCP_QUEUE_SEQ is used on non-empty queues. The connected documents (A...

5.5CVSS6.7AI score0.00023EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2024/08/29 9:5 a.m.•16 views

CVE-2021-4442 tcp: add sanity tests to TCP_QUEUE_SEQ

7AI score0.00023EPSS

Exploits1References5

RedHat Linux•added 2024/08/08 4:44 a.m.•1 views

kernel: ipv4: Fix uninit-value access in __ip_make_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...

4.7CVSS6.8AI score0.00011EPSS

Exploits0References5

RedhatCVE•added 2024/07/16 10:25 p.m.•13 views

CVE-2022-48819

In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing sendpage and sendmsgMSGZEROCOPY calls over the same TCP socket would again trigger the infamous warning in inetsockdestruct WARNONskforwardallocgetsk...

5.5CVSS6.9AI score0.00033EPSS

Exploits0References4

NVD•added 2024/07/16 12:15 p.m.•10 views

CVE-2022-48819

5.5CVSS0.00033EPSS

Exploits0References2

UbuntuCve•added 2024/07/16 12:15 p.m.•14 views

CVE-2022-48819

5.5CVSS5.8AI score0.00033EPSS

Exploits0References4

CVE•added 2024/07/16 11:44 a.m.•47 views

CVE-2022-48819

Summary: CVE-2022-48819 affects the Linux kernel TCP path. When mixing sendpage() data and MSG_ZEROCOPY via the same socket, a warning in inet_sock_destruct() (sk_forward_alloc_get(sk)) could be triggered, due to the sendpage() path being forgotten in zerocopy handling and the need to keep zeroco...

5.5CVSS6.5AI score0.00033EPSS

Exploits0References2Affected Software1

Debian CVE•added 2024/07/16 11:44 a.m.•13 views

CVE-2022-48819

5.5CVSS5.4AI score0.00033EPSS

Exploits0

Vulnrichment•added 2024/07/16 11:44 a.m.•9 views

CVE-2022-48819 tcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case

6.8AI score0.00033EPSS

Exploits0References2

Rows per page