125 matches found
PYSEC-2026-525 rfc3161-client has insufficient verification for timestamp response signatures
Impact rfc3161-client 1.0.2 and earlier contain a flaw in their timestamp response signature verification logic. In particular, it performs chain verification against the TSR's embedded certificates up to the trusted roots, but fails to verify the TSR's own signature against the timestamping leaf...
Linux Distros Unpatched Vulnerability : CVE-2026-53223
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not...
CVE-2026-53223
A flaw was found in the Linux kernel's networking component. This vulnerability allows a remote attacker to potentially access sensitive information or cause system instability. By sending specially crafted network packets, an attacker can exploit an issue in how the kernel handles timestamping f...
PT-2026-52954
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the ras core get utc second timestamp function, which is used to retrieve the current UTC timestamp for RAS error events via a platform-specific...
CVE-2026-53223
In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not true for AFPACKET sockets: outgoing packet taps are also delivered to...
EUVD-2026-39314
In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not true for AFPACKET sockets: outgoing packet taps are also delivered to...
CVE-2026-53223
CVE-2026-53223 (Linux kernel) : A networking timestamping bug in net: guard timestamp cmsgs to real error queue skbs where skb_is_err_queue() incorrectly treated PACKET_OUTGOING as the sole marker for sk_error_queue. This misclassification affects AF_PACKET sockets, allowing timestamp-related con...
CVE-2026-53223 net: guard timestamp cmsgs to real error queue skbs
In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not true for AFPACKET sockets: outgoing packet taps are also delivered to...
CVE-2026-53223 net: guard timestamp cmsgs to real error queue skbs
In the Linux kernel, the following vulnerability has been resolved: net: guard timestamp cmsgs to real error queue skbs skbiserrqueue treats PACKETOUTGOING as the sole marker for an skb from skerrorqueue. That assumption is not true for AFPACKET sockets: outgoing packet taps are also delivered to...
Linux Distros Unpatched Vulnerability : CVE-2026-46168
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: fix scheduling with atomic in timestamp sockopt Using locksockfast atomic context around socksettimestamp and socksettimestamping is unsafe, as both...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: micrel: Fixed the issue of receiving the timestamp in the frame for lan8841. The problematic code used the ptp workqueue to obtain the second part of the timestamp. When the port was disabled, this workqueue was stopped...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Purge error queues in socket destructors When TX timestamping is enabled via SOTIMESTAMPING, SKBs may be queued into skerrorqueue and will remain there until they are consumed. If userspace never gets to read the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge skerrorqueue operation in skstreamkillqueues has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction guide. It appears that we encounter TCP socket leaks in the...
CVE-2026-43173
CVE-2026-43173 is a Linux kernel vulnerability in the net: ethernet: xscale driver where ixp46x_ptp_find() is invoked unconditionally from ixp4xx_get_ts_info(), even on systems without ixp46x support. This NULL pointer dereference can lead to a kernel crash/DoS when reading PTP-related info via e...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013216)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013216 advisory. In the Linux kernel, the following vulnerability has been resolved: net: stream: purge skerrorqueue in skstreamkillqueues Changheon Lee reported TCP socket leaks, wi...
CVE-2026-39856
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When processing PE sections for page hashing, the function uses...
CVE-2026-39855
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...
GHSA-3XXC-PWJ6-JGRJ rfc3161-client Has Improper Certificate Validation
Summary An Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority TSA. By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS7 bag of certificates, an attacker ca...
rfc3161-client 安全漏洞
rfc3161-client is a software developed by Trail of Bits. Versions prior to rfc3161-client 1.0.6 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypasses in signature verification, which could allow attackers to impersonate trusted timestamping institutions...
CVE-2026-23445
A flaw was found in the Linux kernel's igc network driver. When an XDP eXpress Data Path application that requests transmit TX timestamping is shut down while the network interface link remains active, the driver fails to properly clear stale xskmeta pointers. This improper cleanup can lead to a...