2 matches found
CVE-2026-10646
Zephyr's BSD-sockets getaddrinfo implementation subsys/net/lib/sockets/getaddrinfo.c passes a pointer to a stack-allocated state object struct getaddrinfostate aistate as the userdata of an asynchronous DNS resolver query. The socket layer waits on a semaphore with a timeout deliberately set...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: TCP: Fixed the use-of-memory issue in nreq in reqsktimerhandler. The referenced commit replaced inetcskreqskqueuedropandput with inetcskreqskqueuedrop and reqskput in reqsktimerhandler. Next, oreq should be passed to reqskput...