679 matches found
CVE-2026-53516
Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the OAuth provider asserts emailverified: true without requiring the local user row's emailVerified...
CVE-2026-53516 Better Auth: Account takeover via OAuth auto-link to unverified pre-registered email
Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the OAuth provider asserts emailverified: true without requiring the local user row's emailVerified...
CVE-2026-53516
Summary: CVE-2026-53516 affects Better Auth (
SUSE-SU-2026:2841-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-31771: Bluetooth: Ignore HCIERRORCANCELLEDBYHOST on adv set terminated event bsc1264145. - CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach...
CVE-2026-52937
A flaw was found in the Linux kernel's tap driver. This vulnerability allows an attacker to potentially disclose sensitive kernel stack memory contents to userspace. The flaw occurs in the tapioctl function when handling the SIOCGIFHWADDR command, where uninitialized portions of a stack-allocated...
CVE-2026-52937
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
UBUNTU-CVE-2026-52937
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
CVE-2026-52937
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
CVE-2026-52937
CVE-2026-52937 concerns the Linux kernel where the tap_ioctl() path handling SIOCGIFHWADDR leaks kernel stack contents by copying 16 bytes of an uninitialised sockaddr_storage to userspace. Specifically, netif_get_mac_address() writes only sa_family and dev->addr_len (6 bytes), leaving sa_data...
CVE-2026-52937 tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR
In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...
PT-2026-51730
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A stack information leak exists in the tap ioctl function during the SIOCGIFHWADDR path. The function copies 16 bytes of an uninitialized on-stack sockaddr storage structure to userspace...
Linux Distros Unpatched Vulnerability : CVE-2026-52937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to...
RHSA-2026:28038 Red Hat Security Advisory: gvisor-tap-vsock security update
Bulletin has no description...
RHEL 9 : gvisor-tap-vsock (RHSA-2026:28038)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28038 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vso...
Important: Red Hat Security Advisory: gvisor-tap-vsock security update
An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
SUSE CVE-2026-46320
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
CVE-2026-46321
A flaw was found in the Linux kernel. A local attacker with access to the tun/tap device can exploit this vulnerability. By sending network frames shorter than the expected header length, the system fails to free allocated memory pages, leading to memory leaks. This can exhaust system memory,...
CVE-2026-46320
A flaw was found in the Linux kernel's tap driver. This vulnerability occurs in the tapgetuserxdp function, where allocated memory pages are not properly freed when processing rejected network frames. Specifically, if a frame is shorter than the expected Ethernet header length or if memory...
CVE-2026-46320
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
UBUNTU-CVE-2026-46320
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...