Lucene search
+L

193 matches found

cvelist
cvelist
added 2025/01/31 11:25 a.m.21 views

CVE-2025-21683 bpf: Fix bpf_sk_select_reuseport() memory leak

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix bpfskselectreuseport memory leak As pointed out in the original comment, lookup in sockmap can return a TCP ESTABLISHED socket. Such TCP socket may have had SOATTACHREUSEPORTEBPF set before it was ESTABLISHED. In other...

0.00214EPSS
Exploits0References6
redhatcve
redhatcve
added 2024/12/29 2:23 p.m.10 views

CVE-2024-53168

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

5.5CVSS6.5AI score0.00245EPSS
Exploits0References4
nvd
nvd
added 2024/12/27 2:15 p.m.8 views

CVE-2024-53168

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

7.8CVSS0.00245EPSS
Exploits0References4
osv
osv
added 2024/12/27 2:15 p.m.1 views

UBUNTU-CVE-2024-53168

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

7.8CVSS6.5AI score0.00245EPSS
Exploits0References48
vulnrichment
vulnrichment
added 2024/12/27 1:49 p.m.9 views

CVE-2024-53168 sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

7.2AI score0.00245EPSS
Exploits0References4
osv
osv
added 2024/12/27 1:49 p.m.12 views

CVE-2024-53168 sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

7.8CVSS5.9AI score0.00245EPSS
Exploits0References7
cvelist
cvelist
added 2024/12/27 1:49 p.m.39 views

CVE-2024-53168 sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr ffff888111f322cd by task swapper/0/0 CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not...

0.00245EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2024/11/28 12:0 a.m.6 views

PT-2024-35613

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc4-dirty Description A use-after-free issue has been identified in the Linux kernel's sunrpc module, specifically related to the kernel's TCP socket handling. This issue arises when the TCP socket in a...

7.8CVSS5.4AI score0.00245EPSS
Exploits0
nessus
nessus
added 2024/08/22 12:0 a.m.19 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-41007)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41007 advisory. - In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets I...

3.3CVSS6AI score0.00227EPSS
Exploits0References2
redhatcve
redhatcve
added 2024/07/16 10:25 p.m.20 views

CVE-2022-48819

In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing sendpage and sendmsgMSGZEROCOPY calls over the same TCP socket would again trigger the infamous warning in inetsockdestruct WARNONskforwardallocgetsk...

5.5CVSS6.9AI score0.00229EPSS
Exploits0References4
nvd
nvd
added 2024/07/16 12:15 p.m.31 views

CVE-2022-48819

In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing sendpage and sendmsgMSGZEROCOPY calls over the same TCP socket would again trigger the infamous warning in inetsockdestruct WARNONskforwardallocgetsk...

5.5CVSS0.00229EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2024/07/16 12:15 p.m.36 views

CVE-2022-48819

In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing sendpage and sendmsgMSGZEROCOPY calls over the same TCP socket would again trigger the infamous warning in inetsockdestruct WARNONskforwardallocgetsk...

5.5CVSS5.8AI score0.00229EPSS
Exploits0References4
cvelist
cvelist
added 2024/07/16 11:44 a.m.38 views

CVE-2022-48819 tcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case

In the Linux kernel, the following vulnerability has been resolved: tcp: take care of mixed splice/sendmsgMSGZEROCOPY case syzbot found that mixing sendpage and sendmsgMSGZEROCOPY calls over the same TCP socket would again trigger the infamous warning in inetsockdestruct WARNONskforwardallocgetsk...

0.00229EPSS
Exploits0References2
cve
cve
added 2024/07/16 11:44 a.m.56 views

CVE-2022-48819

Summary: CVE-2022-48819 affects the Linux kernel TCP path. When mixing sendpage() data and MSG_ZEROCOPY via the same socket, a warning in inet_sock_destruct() (sk_forward_alloc_get(sk)) could be triggered, due to the sendpage() path being forgotten in zerocopy handling and the need to keep zeroco...

5.5CVSS6.5AI score0.00229EPSS
Exploits0References2Affected Software1
ubuntucve
ubuntucve
added 2024/07/15 9:15 a.m.12 views

CVE-2024-41007

In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCPUSERTIMEOUT, and the other peer retracted its window to zero, tcpretransmittimer can retransmit a packet every two jiffies 2 ms for HZ=1000, for about 4 minutes...

3.3CVSS6.4AI score0.00227EPSS
Exploits0References25
cve
cve
added 2024/07/15 8:48 a.m.188 views

CVE-2024-41007

CVE-2024-41007 relates to a Linux kernel TCP issue where a socket using TCP_USER_TIMEOUT could have the retransmit timer emit packets for minutes after the user timeout expired if the peer reduced its window to zero. The underlying cause was tcp_retransmit_timer() ignoring icsk_user_timeout under...

3.3CVSS6.2AI score0.00227EPSS
Exploits0References9Affected Software1
packetstorm
packetstorm
added 2024/07/15 12:0 a.m.599 views

Havoc C2 0.7 Server-Side Request Forgery

Exploit Title: Havoc C2 0.7 Unauthenticated SSRF Date: 2024-07-13 Exploit Author: @chebuya Software Link: https://github.com/HavocFramework/Havoc Version: v0.7 Tested on: Ubuntu 20.04 LTS CVE: ? Description: This exploit works by spoofing a demon agent registration and checkins to open a TCP sock...

7.4AI score
Exploits0
githubexploit
githubexploit
added 2024/07/13 7:54 p.m.366 views

Exploit for Server-Side Request Forgery in Havocframework Havoc

CVE-2024-41570: Havoc-C2-SSRF-poc This vulnerability is exploi...

9.8CVSS9.4AI score0.02909EPSS
Exploits6
redhatcve
redhatcve
added 2024/06/20 10:53 a.m.23 views

CVE-2021-47594

In the Linux kernel, the following vulnerability has been resolved: mptcp: never allow the PM to close a listener subflow Currently, when deleting an endpoint the netlink PM treverses all the local MPTCP sockets, regardless of their status. If an MPTCP listener socket is bound to the IP matching...

5.5CVSS7AI score0.00208EPSS
Exploits0References4
githubexploit
githubexploit
added 2024/05/31 12:38 a.m.293 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

Resumen Técnico del Ataque: CVE-2023-46604 El script explota un...

10CVSS9.9AI score0.99654EPSS
Exploits31
Rows per page
Query Builder