CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Net: tun: Unlinking the NAPI from the device upon destruction. Syzbot identified a race condition between the tun file and the device destruction process. NAPIs reside in the structtunfile structure, and this structure may be...

5.5CVSS6AI score0.00268EPSS

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: tun: limits the printing rate when an illegal packet is received by the tun device. vhostworker calls tun callbacks to receive packets. If too many illegal packets arrive, tundoread continues to dump the packet contents. When...

5.5CVSS6.4AI score0.00271EPSS

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: A test for maclen should be performed before reading the MAC header. The LLC layer reads the MAC header using ethhdr, without verifying that the skb contains an Ethernet header. Syzbot was able to access the llcrcv functi...

5.5CVSS6.3AI score0.00245EPSS

SUSE CVE•added 2026/06/10 2:25 a.m.•8 views

SUSE CVE-2026-46322

In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...

3.3CVSS5.3AI score0.00129EPSS

Exploits0References3

RedhatCVE•added 2026/06/09 5:13 p.m.•6 views

CVE-2026-46321

A flaw was found in the Linux kernel. A local attacker with access to the tun/tap device can exploit this vulnerability. By sending network frames shorter than the expected header length, the system fails to free allocated memory pages, leading to memory leaks. This can exhaust system memory,...

RedhatCVE•added 2026/06/09 4:55 p.m.•10 views

CVE-2026-46322

A flaw was found in the Linux kernel's tun driver. This vulnerability occurs when the buildskb function fails within tunxdpone, leading to a failure to free an allocated memory page. Each such failure results in a memory leak, where a 'page-frag chunk' is not released. Over time, repeated...

NVD•added 2026/06/09 1:16 p.m.•12 views

CVE-2026-46322

NVD•added 2026/06/09 1:16 p.m.•9 views

CVE-2026-46321

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...

OSV•added 2026/06/09 1:16 p.m.•4 views

UBUNTU-CVE-2026-46322

7.1CVSS5.2AI score0.00129EPSS

Exploits0References3

Cvelist•added 2026/06/09 12:11 p.m.•28 views

CVE-2026-46322 tun: free page on build_skb failure in tun_xdp_one()

Debian CVE•added 2026/06/09 12:11 p.m.•8 views

CVE-2026-46322

7.1CVSS5.3AI score0.00129EPSS

Exploits0

CVE•added 2026/06/09 12:11 p.m.•33 views

CVE-2026-46322

The CVE relates to the Linux kernel tun driver vulnerability CVE-2026-46322. When build_skb() fails inside tun_xdp_one(), the function returns -ENOMEM without freeing the allocated page for the frame, causing a memory leak of one page-frag chunk per failed build_skb() in a batch. The root cause i...

Cvelist•added 2026/06/09 12:11 p.m.•27 views

CVE-2026-46321 tun: free page on short-frame rejection in tun_xdp_one()

EUVD•added 2026/06/09 12:11 p.m.•7 views

EUVD-2026-35411

5.4AI score0.00129EPSS

Debian CVE•added 2026/06/09 12:11 p.m.•6 views

CVE-2026-46321

7.1CVSS5.3AI score0.00129EPSS

Exploits0

CVE•added 2026/06/09 12:11 p.m.•45 views

CVE-2026-46321

Summary. CVE-2026-46321 concerns the Linux kernel tun/tap with vhost-net, where a short-frame rejection path in tun_xdp_one() can leak memory pages. Specifically, when a frame is shorter than ETH_HLEN, tun_xdp_one() returns -EINVAL without freeing the page allocated by vhost_net_build_xdp(). tun_...

Tenable Nessus•added 2026/06/09 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp...

7.1CVSS5.9AI score0.00129EPSS

Tenable Nessus•added 2026/06/09 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns...

7.1CVSS5.9AI score0.00129EPSS