CVE-2026-43088

In the Linux kernel, the following vulnerability has been resolved: net: afkey: zero aligned sockaddr tail in PFKEY exports PFKEY export paths use pfkeysockaddrsize when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, pfkeysockaddrfill initializes only th...

CVE-2026-43088

CVE-2026-43088 (Linux kernel) affects PF_KEY export paths in the net: af_key code, where IPv6 sockaddr payloads were not fully initialized in certain export messages (SADB_ACQUIRE, SADB_X_NAT_T_NEW_MAPPING, SADB_X_MIGRATE). The issue arises because pfkey_sockaddr_size() reserves 32 bytes for IPv6...

EUVD-2026-10334

The rtsockmsgbuffer function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddrstorage structure on the stack. It assumes that the source sockaddr length field had already been validated, but this is not necessarily the case, and it's...

CVE-2025-40123

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...

bpf: Explicitly check accesses to bpf_sock_addr

...

Linux Distros Unpatched Vulnerability : CVE-2025-40078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Explicitly check accesses to bpfsockaddr Syzkaller found a kernel warning on the following sockaddr program: 0: r0 = 0 1: r2 = u32 r1 +60 2: exit which...

EUVD-2018-4003

Malware in sbrugna...

EUVD-2021-1701

Malware in sbrugna...

EUVD-2018-0210

Malware in sbrugna...

PT-2025-46598

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s BPF subsystem contains an issue where the expected attach type is not properly enforced for tailcall compatibility. A fuzzer tool discovered an uninitialized pointer...

CVE-2025-39678 platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/hsmp: Ensure sock-metrictbladdr is non-NULL If metric table address is not allocated, accessing metricsbin will result in a NULL pointer dereference, so add a check...

udp: Deal with race between UDP socket address change and rehash

...

Linux Distros Unpatched Vulnerability : CVE-2025-38618

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock: Do not allow binding to VMADDRPORTANY It is possible for a vsock to autobind to VMADDRPORTANY. This can cause a use-after-free when a connection is made ...

CVE-2025-38147

Technical details about CVE-2025-38147 (affected software, impact, exploitability, and fix specifics) are not publicly provided in the supplied documents. Please monitor for updates from vendors and security bulletins.

Linux Distros Unpatched Vulnerability : CVE-2024-57974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connec...

AZL-68748 CVE-2024-57974 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: udp: Deal with race between UDP socket address change and rehash If a UDP socket changes its local address while it's receiving datagrams, as a result of connect, there is a period during which a lookup operation might fail to fi...

PT-2025-3998 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD affected versions not specified Description: The ktrace facility logs the contents of kernel structures to userspace. In one case, ktrace dumps a variable-sized sockaddr to userspace, copying the full sockaddr even when it is shorter...

Denial Of Service (DoS)

proxy is vulnerable to Denial of Service DoS attacks. A malicious user is able to cause a TypeError exception via sending a crafted HTTP request through the socket.remoteAddress variable, resulting in denial of service conditions...

SUSE CVE-2005-0201

D-BUS dbus before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket...

SUSE CVE-2010-3850

The ecdevioctl function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2 does not require the CAPNETADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR ioctl call...