Lucene search
K

165 matches found

CVE
CVE
added 2 days ago8 views

CVE-2026-53365

CVE-2026-53365 concerns the Linux kernel patch for vsock/virtio zerocopy completion across multi-skb sends. The fix ensures zerocopy uarg is allocated before the send loop and attached to every skb via skb_zcopy_set(), so each skb carries a reference and completion decrements correctly. This prev...

6AI score0.00155EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53223

In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not true for AFPACKET sockets: outgoing packet taps are also delivered to...

7.1CVSS5.7AI score0.00131EPSS
Exploits0
OSV
OSV
added 2026/06/22 4:34 p.m.6 views

SUSE-SU-2026:2494-1 Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise Kernel 4.12.14-122.261 fixes various security issues The following security issues were fixed: - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache bsc1261640. - CVE-2026-31504: net: fix fanout UAF in packetrelease via NETDEVUP race...

9.8CVSS6.4AI score0.0049EPSS
Exploits7References9
RedHat Linux
RedHat Linux
added 2026/06/22 6:44 a.m.5 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00137EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2026/06/22 6:28 a.m.10 views

kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs

A flaw was found in the Linux kernel's Generic Receive Offload GRO networking subsystem. This vulnerability occurs when skbgroreceive attempts to merge zerocopy socket buffers skbs without properly managing page reference counts, specifically when the SKBFLMANAGEDFRAGREFS flag is set. An attacker...

7.8CVSS6.1AI score0.00137EPSS
Exploits0References11
OSV
OSV
added 2026/06/09 1:16 p.m.9 views

UBUNTU-CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS5.3AI score0.00137EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/09 12:11 p.m.11 views

CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS5.3AI score0.00137EPSS
Exploits0
OSV
OSV
added 2026/06/09 12:11 p.m.1 views

CVE-2026-46323 net: gro: don't merge zcopy skbs

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS6.5AI score0.00137EPSS
Exploits0References16
Ubuntu
Ubuntu
added 2026/06/04 9:13 p.m.19 views

USN-8390-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93235EPSS
Exploits31
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:50 p.m.8 views

CVE-2026-46267

In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freeing context llcshdlcdeinit purges SHDLC skb queues and frees the llcshdlc structure while its timers and state machine work may still be active. Timer callbacks can schedule smwork...

5.7AI score0.00121EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of socket-level IV buffers in asynchronous AEAD requests within algifaead. This can lead ...

5.8AI score0.00123EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/20 10:49 a.m.16 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References6
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tls: Purged asynchold from the tlsdecryptasyncwait function. The asynchold queue retains encrypted input data while the AEAD engine references their scatterlist data. Once tlsdecryptwait returns, every AEAD operation is completed...

7.5CVSS5.7AI score0.00238EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

The network backend may cause Linux netfront to use freed SKBs. While adding logic to support XDP eXpress Data Path, a code label was moved in a way that allows SKBs to retain references pointers for further processing, so that they can still be freed...

7.8CVSS6.7AI score0.00349EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.11 views

SUSE SLES15 Security Update : kernel (Live Patch 28 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1875-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1875-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.113 fixes one security issue The following security issue was fixed: - CVE-2026-4328...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References4
OSV
OSV
added 2026/05/18 11:11 a.m.7 views

SUSE-SU-2026:21767-1 Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.29.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References3
OSV
OSV
added 2026/05/18 9:34 a.m.8 views

SUSE-SU-2026:1960-1 Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.51 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS6AI score0.93235EPSS
Exploits31References3
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.21 views

SUSE SLES15 Security Update : kernel RT (Live Patch 4 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1858-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1858-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.16 fixes one security issue The following security issue was fixed: - CVE-2026-43284:...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References4
OSV
OSV
added 2026/05/14 7:56 a.m.6 views

SUSE-SU-2026:21672-1 Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS5.8AI score0.93235EPSS
Exploits31References3
OSV
OSV
added 2026/05/14 7:20 a.m.5 views

SUSE-SU-2026:21695-1 Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

8.8CVSS6.1AI score0.93235EPSS
Exploits31References3
Rows per page
Query Builder