23 matches found
CVE-2026-43089
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...
CVE-2026-43089
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...
CVE-2026-43089 xfrm_user: fix info leak in build_mapping()
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before copying out to userspace. Fix that up by zeroing out the whole structur...
Linux Distros Unpatched Vulnerability : CVE-2026-43089
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrmuser: fix info leak in buildmapping struct xfrmusersaid has a one-byte padding hole after the proto field, which ends up never getting set to zero before...
Linux Distros Unpatched Vulnerability : CVE-2026-31671
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three empty bytes of...
CVE-2026-31671
A flaw was found in the Linux kernel's xfrmuser component. This vulnerability allows a local attacker to disclose sensitive information. The xfrmuserreport structure contains uninitialized padding bytes that are copied to userspace, leading to an information leak...
CVE-2026-31671
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...
DEBIAN-CVE-2026-31671
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...
CVE-2026-31671
The CVE-2026-31671 issue is in the Linux kernel xfrm_user component. A struct xfrm_user_report includes a __u8 proto field followed by a struct xfrm_selector, creating three padding bytes that were never zeroed before copying to userspace. The vulnerability is a information leak caused by these u...
CVE-2026-31671
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...
EUVD-2026-25564
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...
CVE-2026-31671 xfrm_user: fix info leak in build_report()
In the Linux kernel, the following vulnerability has been resolved: xfrmuser: fix info leak in buildreport struct xfrmuserreport is a u8 proto field followed by a struct xfrmselector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to userspace...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000281)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000281 advisory. An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because...
Linux Distros Unpatched Vulnerability : CVE-2019-15666
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, becau...
SUSE CVE-2012-6537
net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAPNETADMIN capability...
Kernel: ipsec: xfrm: use-after-free leading to potential privilege escalation
The Linux kernel is vulerable to a use-after-free flaw when Transformation User configuration interfaceCONFIGXFRMUSER compile-time configuration were enabled. This vulnerability occurs while closing a xfrm netlink socket in xfrmdumppolicydone. A user/process could abuse this flaw to potentially...
Kernel: ipsec: xfrm: use-after-free leading to potential privilege escalation
The Linux kernel is vulerable to a use-after-free flaw when Transformation User configuration interfaceCONFIGXFRMUSER compile-time configuration were enabled. This vulnerability occurs while closing a xfrm netlink socket in xfrmdumppolicydone. A user/process could abuse this flaw to potentially...
PT-2016-3448 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue was found in the netlink dump function. This occurs when the Netlink socket receives a message of type XFRM MSG GETSA or XFRM MSG GETPOLICY with the DU...
The vulnerability of the Linux operating system allows a malicious individual to gain access to confidential information from the kernel’s memory.
The vulnerability exists in the Linux kernel’s net/xfrm/xfrmuser.c file, due to the lack of initialization for certain structures. Exploiting this vulnerability allows local users to access confidential information from the kernel’s memory, using the privileged CAPNETADMIN privilege...
Kernel: xfrm_user information leaks copy_to_user_
net/xfrm/xfrmuser.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAPNETADMIN capability...