Lucene search
K

20 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: inet: Sk-skrxdst was converted to RCU rules. The syzbot reported various issues related to early demux processing. One of these issues is included in this changelog 1. Sk-skrxdst uses RCU protection without proper documentatio...

7.8CVSS6.2AI score0.00451EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nbd: Always initialize struct msghdr completely. syzbot reports that the value of msg-msggetinq may be uninitialized 1. The struct msghdr has many new fields recently. We should always ensure that their values are zero by...

4.4CVSS6.1AI score0.00222EPSS
Exploits0References2
CVE
CVE
added 2026/04/05 3:34 a.m.21 views

CVE-2026-5590

CVE-2026-5590 describes a race condition during TCP connection teardown where tcp_recv() may operate on a released connection. If tcp_conn_search() returns NULL while processing a SYN, a NULL pointer from stale context data is passed to tcp_backlog_is_full() and dereferenced without validation, c...

6.4CVSS5.8AI score0.00198EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/05 3:34 a.m.5 views

CVE-2026-5590

A race condition during TCP connection teardown can cause tcprecv to operate on a connection that has already been released. If tcpconnsearch returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcpbacklogisfull and dereferenced without validatio...

6.4CVSS5.8AI score0.00198EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004215 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...

6.1CVSS7AI score0.00237EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003836)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003836 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...

6.1CVSS7AI score0.00237EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.7 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001141)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001141 advisory. It was found that the netdma code in tcprecvmsg in the 2.6.32 kernel as shipped in RHEL6 is thread- unsafe. So an unprivileged multi-threaded userspace application...

6.1CVSS7AI score0.00237EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: In the TCP layer, the secpath process is dropped simultaneously with the current dst process. Xiumei reported encountering a warning in xfrm6tunnelnetexit while running tests that involve creating a pair of netns, running a basic...

5.5CVSS6.1AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/03/12 3:23 p.m.3 views

SUSE CVE-2025-21864

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

5.5CVSS7.6AI score0.002EPSS
Exploits0References17
OSV
OSV
added 2025/03/12 10:15 a.m.7 views

AZL-58524 CVE-2025-21864 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

5.5CVSS6.6AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2025/03/12 9:42 a.m.16 views

CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

5.5CVSS5.9AI score0.002EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/06/10 12:0 a.m.18 views

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12261)

The impact of this vulnerability is a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible t...

9.8CVSS8AI score0.08967EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2024/06/10 12:0 a.m.25 views

Hirschmann HiOS Switches Classic Buffer Overflow (CVE-2019-12260)

This vulnerability could lead to a buffer overflow of up to a full TCP receive-window by default, 10k-64k depending on version. The buffer overflow happens in the task calling recv/recvfrom/recvmsg. Applications that pass a buffer equal to or larger than a full TCP-window are not susceptible to...

9.8CVSS8AI score0.22844EPSS
Exploits0References13
OSV
OSV
added 2024/03/18 11:15 a.m.2 views

DEBIAN-CVE-2024-26638

In the Linux kernel, the following vulnerability has been resolved: nbd: always initialize struct msghdr completely syzbot complains that msg-msggetinq value can be uninitialized 1 struct msghdr got many new fields recently, we should always make sure their values is zero by default. 1 BUG: KMSAN...

4.4CVSS5.4AI score0.00222EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/03/07 4:44 a.m.8 views

SUSE CVE-2021-47103

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...

7CVSS6.2AI score0.00451EPSS
Exploits1References11
OSV
OSV
added 2024/03/04 6:15 p.m.6 views

CVE-2021-47103

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...

7.8CVSS8.7AI score0.00451EPSS
Exploits1References7
OpenVAS
OpenVAS
added 2022/02/09 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2022-0045)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.5AI score0.02598EPSS
Exploits3References4
OSV
OSV
added 2022/02/02 9:29 p.m.5 views

MGASA-2022-0045 Updated connman packages fix security vulnerability

TCP Receive Path does not Check for Presence of Sufficient Header Data. CVE-2022-23096 Possibly invalid memory reference in 'strnlen' call in 'forwarddnsreply'. CVE-2022-23097 TCP Receive Path Triggers 100 % CPU loop if DNS server does not Send Back Data. CVE-2022-23098...

9.1CVSS8.3AI score0.02598EPSS
Exploits3References3
Ubuntu
Ubuntu
added 2012/08/10 6:21 p.m.83 views

USN-1529-1: Linux kernel vulnerabilities

A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...

7.8CVSS6.9AI score0.08738EPSS
Exploits11
Ubuntu
Ubuntu
added 2012/08/10 5:12 p.m.70 views

USN-1514-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM Kernel-based Virtual Machine to create a network bridge between host and guest. A privleged user in a guest could exploit this flaw to crash the host, if the vhostnet module is loaded with the...

7.8CVSS6.9AI score0.08738EPSS
Exploits11
Rows per page
Query Builder