Lucene search
K

83 matches found

RedHat Linux
RedHat Linux
added 5 days ago4 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS7.1AI score0.93235EPSS
Exploits31References6
Tenable Nessus
Tenable Nessus
added 5 days ago5 views

EulerOS Virtualization 2.13.0 : kernel (EulerOS-SA-2026-2518)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : xfrm: esp: avoid in-place decrypt on shared skb fragsCVE-2026-43284 Tenable has extracted the preceding description block directly...

8.8CVSS7AI score0.93235EPSS
Exploits31References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.10 views

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-8462-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8462-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS7.2AI score0.96267EPSS
Exploits281References15
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.8 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50318)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50318 advisory. - net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption Muhammad Alifa Ramdhan Orabug: 39543209 CVE-2026-31533 - net: fix fanout UAF...

9.8CVSS6.5AI score0.004EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/06/11 8:51 p.m.73 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

DirtyFrag CVE-2026-43284 PoC Validation and auditd Detection...

8.8CVSS6AI score0.93235EPSS
Exploits31
RedHat Linux
RedHat Linux
added 2026/06/09 1:49 p.m.27 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS5.9AI score0.03663EPSS
Exploits11References5
Oracle linux
Oracle linux
added 2026/06/07 12:0 a.m.23 views

Unbreakable Enterprise kernel security update

5.4.17-2136.356.4.2 - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017592 CVE-2025-10263 - arm64: tlb: Add ARM64WORKAROUNDREPEATTLBISYNC Mark Rutland Orabug: 39017592 - ARM: uek: Disable CONFIGQCOMFALKORERRATUM1003 Boris Ostrovsky Orabug: 39017592 - arm64: tlb:...

9.1CVSS5.5AI score0.96267EPSS
Exploits276
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.6 views

Ubuntu 14.04 LTS / 18.04 LTS : Linux kernel vulnerability (USN-8390-1)

The remote Ubuntu 14.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8390-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Fra...

8.8CVSS6AI score0.93235EPSS
Exploits31References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.8 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-8389-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8389-1 advisory. It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as...

8.8CVSS5.5AI score0.93235EPSS
Exploits36References4
RedHat Linux
RedHat Linux
added 2026/06/04 9:43 p.m.8 views

kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged...

7.8CVSS6.1AI score0.03663EPSS
Exploits11References5
OSV
OSV
added 2026/06/04 9:23 p.m.15 views

USN-8391-1 linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.2AI score0.96267EPSS
Exploits260References14
OSV
OSV
added 2026/06/04 9:9 p.m.5 views

USN-8389-1 linux, linux-aws, linux-aws-fips, linux-azure, linux-azure-5.4, linux-azure-fips, linux-bluefield, linux-fips, linux-gcp, linux-gcp-5.4, linux-gcp-fips, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.2AI score0.93235EPSS
Exploits36References4
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.16 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50294)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50294 advisory. - net: skbuff: propagate shared-frag marker through frag-transfer helpers Hyunwoo Kim Orabug: 39368827 CVE-2026-46300 - ptrace: slightly saner...

9.8CVSS6.9AI score0.96267EPSS
Exploits269References8
OSV
OSV
added 2026/06/02 5:12 p.m.17 views

USN-8373-1 linux, linux-aws, linux-aws-6.8, linux-aws-fips, linux-azure, linux-fips, linux-gcp, linux-gcp-6.8, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-nvidia-tegra, linux-oracle, linux-oracle-6.8, linux-raspi, linux-raspi-realtime, linux-realtime, linux-realtime-6.8 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.3AI score0.93235EPSS
Exploits57References22
Oracle linux
Oracle linux
added 2026/06/02 12:0 a.m.19 views

Unbreakable Enterprise kernel security update

6.12.0-203.76.7.1 - smb: client: reject userspace cifs.spnego descriptions Asim Viladi Oglu Manizada Orabug: 39474418 6.12.0-203.76.7 - tun: free page on buildskb failure in tunxdpone Weiming Shi Orabug: 39456024 - tap: free page on error paths in tapgetuserxdp Weiming Shi Orabug: 39456024 - tun:...

9.8CVSS6.8AI score0.96267EPSS
Exploits271
OSV
OSV
added 2026/06/01 9:26 a.m.5 views

SUSE-SU-2026:21888-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

7.8CVSS6.4AI score0.03663EPSS
Exploits17References13
SUSE Linux
SUSE Linux
added 2026/05/31 11:35 a.m.11 views

Security update for the Linux Kernel (Live Patch 36 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.141 fixes various security issues The following security issues were fixed: CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798...

8.8CVSS6.4AI score0.03663EPSS
Exploits17References24
GithubExploit
GithubExploit
added 2026/05/26 7:35 a.m.130 views

Exploit for Write-what-where Condition in Linux Linux_Kernel

CVE-2026-43284 — 4-byte XFRM/ESP Proof-of-c...

8.8CVSS6.2AI score0.93235EPSS
Exploits31
Rosalinux
Rosalinux
added 2026/05/22 8:59 a.m.17 views

Advisory ROSA-SA-2026-3294

CVE-ID: CVE-2026-46300 BDU-ID: None CVE-Crit: Not available CVE-DESCRIPTION: A vulnerability in the XFRM ESP-in-TCP subsystem of the Linux kernel. A logical error occurs when transitioning a TCP socket to the espintcp mode after writing file data to the receive queue. The kernel processes file...

8.8CVSS6.1AI score0.93235EPSS
Exploits45
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.21 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50280)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50280 advisory. - ptrace: slightly saner 'getdumpable' logic Linus Torvalds Orabug: 39391447 CVE-2026-46333 - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache Jeff...

9.8CVSS7AI score0.96267EPSS
Exploits260References2
Rows per page
Query Builder