Lucene search
K

58 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 4:30 p.m.4 views

CVE-2026-53070

In the Linux kernel, the following vulnerability has been resolved: sctp: disable BH before calling udptunnelxmitskb udptunnelxmitskb / udptunnel6xmitskb are expected to run with BH disabled. After commit 6f1a9140ecda "add xmit recursion limit to tunnel xmit functions", on the path:...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the SCTP implementation where Bottom Half BH processing is not disabled before calling the udp tunnel xmit skb and udp tunnel6 xmit skb functions. These functions are...

7.5CVSS5.9AI score0.0035EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: udptunnel: Use netdevwarn instead of netdevWARN. netdevWARN uses WARN/WARNON to print a backtrace along with file and line information. In this case, udptunnelnicregister failing due to a memory allocation failure e.g., kzalloc o...

6.1AI score0.00173EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.11 views

SUSE CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.9CVSS5.8AI score0.00115EPSS
Exploits0References16
NVD
NVD
added 2026/05/27 11:16 a.m.15 views

CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.5CVSS0.00115EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 11:16 a.m.7 views

UBUNTU-CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

6.8CVSS5.7AI score0.00115EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:24 a.m.11 views

CVE-2026-45846

In the Linux kernel, the following vulnerability has been resolved: bareudp: fix NULL pointer dereference in bareudpfillmetadatadst bareudpfillmetadatadst passes bareudp-sock to udptunnel6dstlookup in the IPv6 path without a NULL check. The socket is only created in bareudpopen and NULLed in...

5.7AI score0.00115EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/27 9:24 a.m.25 views

CVE-2026-45846

CVE-2026-45846 affects the Linux kernel bareudp code path. The vulnerability arises in bareudp_fill_metadata_dst(), which passes bareudp->sock to udp_tunnel6_dst_lookup() in the IPv6 path without a NULL check. If the bareudp device is down (socket not created or already NULLed in bareudp_stop)...

5.5CVSS5.8AI score0.00115EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Fou: Fixed the null-ptr-deref in GRO. We observed a null-ptr-deref in fougroreceive while shutting down a host. 0 The NULL pointer is sk-skuserdata, and the offset 8 represents the protocol field in the struct fou structure. When...

5.5CVSS6.4AI score0.00238EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011283)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011283 advisory. In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace...

5.9AI score0.00173EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013083)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013083 advisory. In the Linux kernel, the following vulnerability has been resolved: udptunnel: use netdevwarn instead of netdevWARN netdevWARN uses WARN/WARNON to print a backtrace...

5.9AI score0.00173EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/03 11:27 p.m.4 views

SUSE CVE-2026-23459

In the Linux kernel, the following vulnerability has been resolved: iptunnel: adapt iptunnelxmitstats to NETDEVPCPUSTATDSTATS Blamed commits forgot that vxlan/geneve use udptunnel6xmitskb which call iptunnelxmitstats. iptunnelxmitstats was assuming tunnels were only using NETDEVPCPUSTATTSTATS...

8.2CVSS5.7AI score0.00299EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/03 6:31 p.m.3 views

EUVD-2026-18680

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...

5.7AI score0.00123EPSS
Exploits0References7
NVD
NVD
added 2026/04/03 4:16 p.m.3 views

CVE-2026-23439

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...

5.5CVSS0.00123EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.6 views

CVE-2026-23439

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/04/03 4:16 p.m.3 views

UBUNTU-CVE-2026-23439

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9
OSV
OSV
added 2026/04/03 4:16 p.m.5 views

UBUNTU-CVE-2026-23459

In the Linux kernel, the following vulnerability has been resolved: iptunnel: adapt iptunnelxmitstats to NETDEVPCPUSTATDSTATS Blamed commits forgot that vxlan/geneve use udptunnel6xmitskb which call iptunnelxmitstats. iptunnelxmitstats was assuming tunnels were only using NETDEVPCPUSTATTSTATS...

8.2CVSS5.7AI score0.00299EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:15 p.m.1 views

CVE-2026-23459

In the Linux kernel, the following vulnerability has been resolved: iptunnel: adapt iptunnelxmitstats to NETDEVPCPUSTATDSTATS Blamed commits forgot that vxlan/geneve use udptunnel6xmitskb which call iptunnelxmitstats. iptunnelxmitstats was assuming tunnels were only using NETDEVPCPUSTATTSTATS...

5.7AI score0.00299EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/03 3:15 p.m.12 views

CVE-2026-23439

The CVE-2026-23439 entry describes a Linux kernel issue in udp_tunnel where, if CONFIG_IPV6 is disabled, udp_sock_create6() can return success without creating a socket. This leads to a NULL pointer dereference when callers like fou_create() dereference the uninitialized socket pointer, causing a...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/04/03 3:15 p.m.17 views

CVE-2026-23439 udp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n

In the Linux kernel, the following vulnerability has been resolved: udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n When CONFIGIPV6 is disabled, the udpsockcreate6 function returns 0 success without actually creating a socket. Callers such as foucreate then proceed to...

0.00123EPSS
Exploits0References8
Rows per page
Query Builder