Lucene search
K

127 matches found

OSV
OSV
added 2024/02/21 3:15 p.m.7 views

AZL-35812 CVE-2024-26583 affecting package kernel for versions less than 5.15.158.2-1

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

4.7CVSS6.2AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 3:15 p.m.3 views

DEBIAN-CVE-2024-26583

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

4.7CVSS5.3AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 3:15 p.m.9 views

DEBIAN-CVE-2024-26585

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

4.7CVSS5.4AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2024/02/21 3:15 p.m.28 views

CVE-2024-26585

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

4.7CVSS5.8AI score0.0019EPSS
Exploits0References6
OSV
OSV
added 2024/02/21 3:15 p.m.5 views

AZL-35474 CVE-2024-26583 affecting package hyperv-daemons for versions less than 6.6.22.1-2

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

4.7CVSS6.2AI score0.00177EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 3:15 p.m.17 views

AZL-35788 CVE-2024-26585 affecting package kernel for versions less than 6.6.22.1-2

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

4.7CVSS6.2AI score0.0019EPSS
Exploits0References1
OSV
OSV
added 2024/02/21 3:15 p.m.7 views

UBUNTU-CVE-2024-26583

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

4.7CVSS6.1AI score0.00177EPSS
Exploits0References26
UbuntuCve
UbuntuCve
added 2024/02/21 3:15 p.m.43 views

CVE-2024-26585

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

4.7CVSS6.3AI score0.0019EPSS
Exploits0References25
Vulnrichment
Vulnrichment
added 2024/02/21 2:59 p.m.44 views

CVE-2024-26585 tls: fix race between tx work scheduling and socket close

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

6.9AI score0.0019EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/02/21 2:59 p.m.38 views

CVE-2024-26585

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread recvmsg/sendmsg may exit as soon as the async crypto handler calls complete. Reorder scheduling the work before calling...

4.7CVSS7.4AI score0.0019EPSS
Exploits0
Cvelist
Cvelist
added 2024/02/21 2:59 p.m.32 views

CVE-2024-26583 tls: fix race between async notify and socket close

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

6.1AI score0.00177EPSS
Exploits0References5
OSV
OSV
added 2024/02/21 2:59 p.m.19 views

CVE-2024-26583 tls: fix race between async notify and socket close

In the Linux kernel, the following vulnerability has been resolved: tls: fix race between async notify and socket close The submitting thread one which called recvmsg/sendmsg may exit as soon as the async crypto handler calls complete so any code past that point risks touching already freed data...

4.7CVSS6AI score0.00177EPSS
Exploits0References9
CVE
CVE
added 2024/02/21 2:59 p.m.749 views

CVE-2024-26583

CVE-2024-26583 affects the Linux kernel TLS path. The issue is a race between async crypto notify completion and socket close, where the submitting thread could exit before the crypto handler finishes, risking touching data after it has been freed. The fix routes around this by reducing complex l...

4.7CVSS6.7AI score0.00177EPSS
Exploits0References6Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp

In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported 0 memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socketAFINET, SOCKDGRAM, 0...

5.5CVSS6.7AI score0.00149EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.5 views

SUSE CVE-2022-3977

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...

7.8CVSS6.3AI score0.0025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.4 views

SUSE CVE-2022-31015

Waitress is a Web Server Gateway Interface server for Python 2 and 3. Waitress versions 2.1.0 and 2.1.1 may terminate early due to a thread closing a socket while the main thread is about to call select. This will lead to the main thread raising an exception that is not handled and then causing t...

5.3CVSS6.9AI score0.01342EPSS
Exploits1References4
OSV
OSV
added 2023/01/12 7:15 p.m.2 views

DEBIAN-CVE-2022-3977

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...

7.8CVSS6.3AI score0.0025EPSS
Exploits0References1
Prion
Prion
added 2023/01/12 7:15 p.m.24 views

Design/Logic Flaw

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...

4.3CVSS7.2AI score0.0025EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2022/11/15 11:55 a.m.3 views

kernel: mptcp: fix race on unaccepted mptcp sockets

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race on unaccepted mptcp sockets When the listener socket owning the relevant request is closed, it frees the unaccepted subflows and that causes later deletion of the paired MPTCP sockets. The mptcp socket's worker ca...

7.8CVSS6.1AI score0.00234EPSS
Exploits0References5
OSV
OSV
added 2022/11/14 12:0 a.m.2 views

UBUNTU-CVE-2022-3977

A use-after-free flaw was found in the Linux kernel MCTP Management Component Transport Protocol functionality. This issue occurs when a user simultaneously calls DROPTAG ioctl and socket close happens, which could allow a local user to crash the system or potentially escalate their privileges on...

7.8CVSS6.6AI score0.0025EPSS
Exploits0References7
Rows per page
Query Builder