Lucene search
+L

4 matches found

debiancve
debiancve
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52940

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.5CVSS5.7AI score0.00112EPSS
Exploits0
osv
osv
added 2026/06/24 7:14 a.m.3 views

CVE-2026-52940 tun: zero the whole vnet header in tun_put_user()

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References6
euvd
euvd
added 2026/06/24 7:14 a.m.18 views

EUVD-2026-38710

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.8AI score0.00112EPSS
Exploits0References3
cve
cve
added 2026/06/24 7:14 a.m.15 views

CVE-2026-52940

The CVE-2026-52940 issue affects the Linux kernel tun driver. tun_put_user() allocates an on‑stack virtio_net_hdr_v1_hash_tunnel without zeroing, while virtio_net_hdr_tnl_from_skb() only initializes the first 10 bytes for non‑tunnel SKBs. This allows an unprivileged user to set the vnet header to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder