Lucene search
K

7 matches found

OSV
OSV
added 2026/01/13 9:53 p.m.5 views

GHSA-3PQC-836W-JGR7 Outray cli is vulnerable to race conditions in tunnels creation

Summary A TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. Details Affected conponent: apps/web/src/routes/api/tunnel/register.ts - /tunnel/register endpoint code-: ts // Check if tunnel already exists in database const...

6.3CVSS6.8AI score0.00179EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/12/10 6:58 a.m.5 views

CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

5.5CVSS5.6AI score0.00156EPSS
Exploits0References4
OSV
OSV
added 2025/12/09 1:16 a.m.4 views

UBUNTU-CVE-2023-53809

In the Linux kernel, the following vulnerability has been resolved: l2tp: Avoid possible recursive deadlock in l2tptunnelregister When a file descriptor of pppol2tp socket is passed as file descriptor of UDP socket, a recursive deadlock occurs in l2tptunnelregister. This situation is reproduced b...

5.7AI score0.00156EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2025/06/04 12:0 a.m.5 views

Vulnerabilities in the l2tp_xmit_core(), l2tp_tunnel_create(), and l2tp_tunnel_register() functions of the Linux operating system’s kernel, allowing attackers to cause service interruptions.

The vulnerabilities of the l2tpxmitcore, l2tptunnelcreate, and l2tptunnelregister functions in the Linux kernel are related to improper resource locking. Exploiting these vulnerabilities can allow an attacker to cause service failures...

5.5CVSS6.3AI score0.0013EPSS
Exploits0References10Affected Software5
OSV
OSV
added 2025/03/27 5:15 p.m.1 views

UBUNTU-CVE-2023-53020

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

4.7CVSS6.1AI score0.0013EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/03/27 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a race condition in l2tp tunnel registration...

4.7CVSS6.2AI score0.0013EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.2 views

kernel: l2tp: close all race conditions in l2tp_tunnel_register()

In the Linux kernel, the following vulnerability has been resolved: l2tp: close all race conditions in l2tptunnelregister The code in l2tptunnelregister is racy in several ways: 1. It modifies the tunnel socket after publishing it. 2. It calls setupudptunnelsock on an existing socket without...

4.7CVSS6.3AI score0.0013EPSS
Exploits0References5
Rows per page
Query Builder