19 matches found
Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: netfilter: xt_tcpmss: check remaining length before reading optlen
A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RockyLinux 9 : kernel (RLSA-2026:21556)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21556 advisory. kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setti...
AlmaLinux 8 : kernel-rt (ALSA-2026:21745)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
CVE-2026-43190 netfilter: xt_tcpmss: check remaining length before reading optlen
In the Linux kernel, the following vulnerability has been resolved: netfilter: xttcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xttcpmss.c lines 53-68, the TCP option parser reads opi+1 directly without validating the remaining option length. If the last...
PT-2026-37530
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the TCP option parser within the net/netfilter/xt tcpmss.c file. The issue occurs when the code reads opi+1 without validating the remaining option length...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003148)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003148 advisory. The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4316)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4316 advisory. - Copy secureboot flag in boot params across kexec reboot Dave Young Orabug: 22066352 CVE-2015-7837 - ipv6: tcp: add rcu locking in tcpv6sendsynack...
EulerOS Virtualization 2.5.0 : kernel (EulerOS-SA-2018-1234)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function...
kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c
The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...
[SECURITY] [DLA 1369-1] linux security update
Package : linux Version : 3.2.101-1 CVE ID : CVE-2017-0861 CVE-2017-5715 CVE-2017-13166 CVE-2017-16526 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-18017 CVE-2017-18203 CVE-2017-18216 CVE-2018-1068 CVE-2018-1092 CVE-2018-5332 CVE-2018-5333 CVE-2018-5750 CVE-2018-5803...
kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c
The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...
Virtuozzo 7 : readykernel-patch (VZA-2018-005)
According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerability : - If the system uses iptables and there are iptables rules with TCPMSS action there, a remote attacker could cause a...
Kernel security update: CVE-2017-18017; Virtuozzo ReadyKernel patch 42.0 for Virtuozzo 7.0.4, 7.0.4 HF3, 7.0.5, 7.0.6, and 7.0.6 HF3
The cumulative Virtuozzo ReadyKernel patch was updated with a security fix. The patch applies to Virtuozzo kernels 3.10.0-514.16.1.vz7.30.10 Virtuozzo 7.0.4, 3.10.0-514.16.1.vz7.30.15 Virtuozzo 7.0.4 HF3, 3.10.0-514.26.1.vz7.33.22 Virtuozzo 7.0.5, 3.10.0-693.1.1.vz7.37.30 Virtuozzo 7.0.6, and...
Important kernel security update: CVE-2017-8824 and other; Virtuozzo ReadyKernel patch 42.0 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3
The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-327.18.2.vz7.15.2 Virtuozzo 7.0.0, 3.10.0-327.42.0.vz7.18.7 Virtuozzo 7.0.1, and 3.10.0-327.42.0.vz7.20.18 Virtuozzo 7.0.3. Vulnerability id: CVE-2017-8824 A...
DEBIAN-CVE-2017-18017
The tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service use-after-free and memory corruption or possibly have unspecified other impact by leveraging the presence of xtTCPMSS in an...
Linux kernel denial of service vulnerability (CNVD-2018-02230)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in the tcpmssmanglepacket function in net/netfilter/xtTCPMSS.c in the Linux...