Lucene search
+L

648 matches found

Debian CVE
Debian CVE
added 2026/06/09 12:11 p.m.11 views

CVE-2026-46321

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...

7.1CVSS5.3AI score0.00129EPSS
Exploits0
EUVD
EUVD
added 2026/06/09 12:11 p.m.11 views

EUVD-2026-35411

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...

5.4AI score0.00129EPSS
Exploits0References4
CVE
CVE
added 2026/06/09 12:11 p.m.66 views

CVE-2026-46321

Summary. CVE-2026-46321 concerns the Linux kernel tun/tap with vhost-net, where a short-frame rejection path in tun_xdp_one() can leak memory pages. Specifically, when a frame is shorter than ETH_HLEN, tun_xdp_one() returns -EINVAL without freeing the page allocated by vhost_net_build_xdp(). tun_...

7.1CVSS5.4AI score0.00129EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/06/09 12:11 p.m.2 views

CVE-2026-46321 tun: free page on short-frame rejection in tun_xdp_one()

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...

7.1CVSS5.8AI score0.00129EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns...

7.1CVSS6AI score0.00129EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47758

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the tun xdp one function returns -EINVAL for frames shorter than ETH HLEN without freeing the page allocated by vhost net build xdp. Because...

9.8CVSS5.4AI score0.00457EPSS
Exploits2References80
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-47759

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the build skb function fails within the tun xdp one function. In this scenario, the system sets the return value to -ENOMEM and exits withou...

9.8CVSS5.4AI score0.00457EPSS
Exploits2References81
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp...

7.1CVSS6AI score0.00129EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/08 11:8 p.m.15 views

nebula-mesh: Host advanced overrides allow YAML injection into agent config.yml

internal/configgen/generator.go:86,108,119 interpolates the operator-supplied ListenHost and TunDevice fields raw into a text/template that produces the agent's config.yml. internal/web/advanced.go:20-35 accepts both with only strings.TrimSpace — no character or shape validation. Exploit An...

5.5AI score0.00052EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.12 views

PT-2026-47557

internal/configgen/generator.go:86,108,119 interpolates the operator-supplied ListenHost and TunDevice fields raw into a text/template that produces the agent's config.yml. internal/web/advanced.go:20-35 accepts both with only strings.TrimSpace — no character or shape validation. Exploit An...

8.7CVSS5.5AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47619

Name of the Vulnerable Software and Affected Versions nebula-mesh versions prior to 0.3.2 Description Host advanced overrides allow YAML injection into the agent config.yml. The issue occurs because the ListenHost and TunDevice fields are interpolated raw into a text/template within...

8.7CVSS5.9AI score0.00052EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2026/06/03 12:0 a.m.20 views

Unbreakable Enterprise kernel security update

5.4.17-2136.356.4.1 - smb: client: reject userspace cifs.spnego descriptions Asim Viladi Oglu Manizada Orabug: 39463669 5.4.17-2136.356.4 - tun: free page on buildskb failure in tunxdpone Weiming Shi Orabug: 39429147 - tap: free page on error paths in tapgetuserxdp Weiming Shi Orabug: 39429147 -...

9.8CVSS6.2AI score0.96267EPSS
Exploits278
Oracle linux
Oracle linux
added 2026/06/02 12:0 a.m.23 views

Unbreakable Enterprise kernel security update

6.12.0-203.76.7.1 - smb: client: reject userspace cifs.spnego descriptions Asim Viladi Oglu Manizada Orabug: 39474418 6.12.0-203.76.7 - tun: free page on buildskb failure in tunxdpone Weiming Shi Orabug: 39456024 - tap: free page on error paths in tapgetuserxdp Weiming Shi Orabug: 39456024 - tun:...

9.8CVSS6.8AI score0.96267EPSS
Exploits273
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks in napigetfrags The issue was reported in kmemleak after running testprogs: Unreferenced object: 0xffff8881b1672dc0 size 232 Details: comm “testprogs”, pid 394388, jiffies 4354712116 age 841.975s Hex du...

5.5CVSS6.3AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tundetach Syzbot reported a use-after-free in tundetach. This causes a call trace like the following: ================================================================== BUG: KASAN: use-after-free i...

7.8CVSS6.3AI score0.00263EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Net: tun: Unlinking the NAPI from the device upon destruction. Syzbot identified a race condition between the tun file and the device destruction process. NAPIs reside in the structtunfile structure, and this structure may be...

5.5CVSS6.1AI score0.00274EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.1 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: tun: avoided double-free in tunfreenetdev Avoid double-free in tunfreenetdev by moving the dev-tstats and tun-security allocations to a new ndoinit routine tunnetinit, which will be called by registernetdevice. ndoinit is paired...

7.8CVSS5.5AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tun: Added missing verification for short frames. The referenced commit failed to check the validity of the frame length in the tunxdpone path, which could result in a corrupted skb being sent down the stack. Even before the skb ...

7.1CVSS6.4AI score0.00254EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: core: The unnecessary framesz check in bpfxdpadjusttail has been removed. Syzkaller reported the following issue: ======================================= “Too big” – xdp-framesz = 131072 WARNING: CPU: 0, PID: 5020, at...

6.4AI score0.00168EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: can: afcan: fixed NULL pointer dereferencing in canrcvfilter. Similar to the issue reported in commit 8aa59e355949 “can: afcan: fixed NULL pointer dereferencing in canrxregister”, we need to check for a missing initialization ...

5.5CVSS6.3AI score0.00243EPSS
Exploits0References2
Rows per page
Query Builder