Lucene search
K

45 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-53147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without...

8.1CVSS6.2AI score0.00283EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:12 a.m.6 views

thunderbolt: Clamp XDomain response data copy to allocation size

...

7.8CVSS5.8AI score0.00145EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/27 8:7 a.m.6 views

thunderbolt: Limit XDomain response copy to actual frame size

...

7.1CVSS5.8AI score0.00242EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/26 8:16 a.m.6 views

CVE-2026-53147

A flaw was found in the Linux kernel's Thunderbolt component. A remote attacker could exploit this vulnerability by sending a malformed XDomain packet. This could lead to an out-of-bounds read, potentially resulting in information disclosure or system instability...

8.1CVSS5.8AI score0.00283EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.6 views

SUSE CVE-2026-53146

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Limit XDomain response copy to actual frame size tbxdomaincopy copies req-responsesize bytes from the received packet buffer regardless of the actual frame size. When a short response arrives, this reads past the val...

7.1CVSS5.9AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.8 views

SUSE CVE-2026-53147

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...

8.1CVSS5.9AI score0.00283EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53147

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...

8.1CVSS0.00283EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53146

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Limit XDomain response copy to actual frame size tbxdomaincopy copies req-responsesize bytes from the received packet buffer regardless of the actual frame size. When a short response arrives, this reads past the val...

7.1CVSS0.00242EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53147

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...

8.1CVSS5.9AI score0.00283EPSS
Exploits0References9
OSV
OSV
added 2026/06/25 9:16 a.m.5 views

UBUNTU-CVE-2026-53148

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

7.8CVSS5.7AI score0.00145EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53150

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Reject zero-length property entries in validator tbpropertyentryvalid accepts entries with length == 0 for DIRECTORY, DATA, and TEXT types. A zero-length TEXT entry passes validation but causes an underflow in the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53146

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Limit XDomain response copy to actual frame size tbxdomaincopy copies req-responsesize bytes from the received packet buffer regardless of the actual frame size. When a short response arrives, this reads past the val...

7.1CVSS5.9AI score0.00242EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 8:38 a.m.2 views

CVE-2026-53148 thunderbolt: Clamp XDomain response data copy to allocation size

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

7CVSS5.8AI score0.00145EPSS
Exploits0References14
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.32 views

CVE-2026-53148 thunderbolt: Clamp XDomain response data copy to allocation size

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

0.00145EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39239

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

5.7AI score0.00145EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53148

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

7.8CVSS5.7AI score0.00145EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:38 a.m.28 views

CVE-2026-53148

The CVE affects the Linux kernel Thunderbolt driver (tb_xdp_properties_request) where per-packet copy length is derived from the response header without bounds checking against the allocated data buffer, causing a potential out-of-bounds memcpy and memory corruption. The issue can lead to denial ...

7.8CVSS5.7AI score0.00145EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.22 views

CVE-2026-53147

The CVE-2026-53147 issue affects the Linux kernel Thunderbolt XDomain handling. tb_xdp_handle_request() casts the received packet buffer to protocol-specific structs without confirming that the allocation is large enough for the target type. A peer could send a minimal XDomain packet that passes ...

8.1CVSS5.9AI score0.00283EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.32 views

CVE-2026-53147 thunderbolt: Validate XDomain request packet size before type cast

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...

8.1CVSS0.00283EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.7 views

CVE-2026-53147

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...

8.1CVSS5.8AI score0.00283EPSS
Exploits0
Rows per page
Query Builder