Lucene search
K
RedhatRecent

114833 matches found

RedHat Linux
RedHat Linux
•added 2026/06/10 12:31 p.m.•21 views

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

9.8CVSS6.3AI score0.12797EPSS
Exploits7References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:31 p.m.•9 views

samba: Remote Code Execution in SAMR

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...

9.8CVSS5.7AI score0.02501EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:31 p.m.•12 views

Critical: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS6AI score0.12797EPSS
Exploits8References7
RedHat Linux
RedHat Linux
•added 2026/06/10 12:31 p.m.•32 views

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.4AI score0.00862EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:31 p.m.•9 views

samba: group policy certificate enrollment uses http:// without validation

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...

8CVSS5.4AI score0.00261EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:31 p.m.•8 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.4AI score0.00939EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:31 p.m.•7 views

ngtcp2: ngtcp2: Denial of service via stack buffer overflow during QUIC handshake

A flaw was found in ngtcp2, a C implementation of the IETF QUIC Quick UDP Internet Connections protocol. A remote attacker can exploit a stack buffer overflow vulnerability by sending specially crafted, large transport parameters during the QUIC handshake. This occurs when the qlog callback is...

7.5CVSS5.7AI score0.00776EPSS
Exploits1References6
RedHat Linux
RedHat Linux
•added 2026/06/10 12:9 p.m.•10 views

netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses 103, followed by a 200 with a GET body, then another 200 for a HEAD request when the client pipelines GET the...

9.1CVSS6.8AI score0.00633EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:9 p.m.•11 views

netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both Transfer-Encoding: chunked and Content-Length headers. While Netty correctly strips the conflicting Content-Length header for HTTP/1.1 messages, thi...

9.8CVSS6.8AI score0.00515EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:9 p.m.•6 views

netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

A flaw was found in Netty. Netty's DNS Domain Name System codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the...

9.1CVSS6.8AI score0.00818EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:9 p.m.•19 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

9.8CVSS6.8AI score0.00818EPSS
Exploits5References80
RedHat Linux
RedHat Linux
•added 2026/06/10 12:9 p.m.•7 views

netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli br, Zstandard zstd, or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an...

7.5CVSS6.8AI score0.00748EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:9 p.m.•8 views

netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation

A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected...

7.5CVSS6.9AI score0.00667EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:5 p.m.•10 views

netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli br, Zstandard zstd, or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an...

7.5CVSS6.8AI score0.00748EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:5 p.m.•9 views

netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

A flaw was found in Netty. Netty's DNS Domain Name System codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the...

9.1CVSS6.8AI score0.00818EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:5 p.m.•13 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.27.4 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

9.8CVSS6.8AI score0.00818EPSS
Exploits5References35
RedHat Linux
RedHat Linux
•added 2026/06/10 12:5 p.m.•8 views

netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker could exploit this vulnerability by sending a specific sequence of HTTP responses 103, followed by a 200 with a GET body, then another 200 for a HEAD request when the client pipelines GET the...

9.1CVSS6.8AI score0.00633EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:5 p.m.•14 views

netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

A flaw was found in Netty's HttpObjectDecoder. A remote attacker can exploit this by sending a specially crafted HTTP/1.0 request that includes both Transfer-Encoding: chunked and Content-Length headers. While Netty correctly strips the conflicting Content-Length header for HTTP/1.1 messages, thi...

9.8CVSS6.8AI score0.00515EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 12:5 p.m.•11 views

netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation

A flaw was found in Netty. The HttpProxyHandler component, which handles HTTP CONNECT requests, does not properly validate user-provided outbound headers. This allows an attacker to inject arbitrary HTTP headers into the CONNECT request sent to the proxy server. This could lead to unexpected...

7.5CVSS6.9AI score0.00667EPSS
Exploits1References5
RedHat Linux
RedHat Linux
•added 2026/06/10 11:44 a.m.•8 views

poppler: Integer overflow in Poppler SplashOutputDev::tilingPatternFill leads to heap buffer overflow via unchecked dimension multiplication

A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation, allowing a subsequent...

7.8CVSS5.7AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 11:44 a.m.•26 views

Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.8CVSS5.7AI score0.00252EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•10 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00242EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•6 views

mysql: DML unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access v...

4.9CVSS7AI score0.00242EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•8 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS7AI score0.00242EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•8 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS7AI score0.00242EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•7 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS7AI score0.00242EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•13 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS7.1AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•8 views

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

6.5CVSS7.1AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•8 views

mysql: Information Schema unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with...

4.3CVSS7.1AI score0.00243EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•5 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•7 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•6 views

mysql: Information Schema unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with...

2.7CVSS7AI score0.00259EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•8 views

Moderate: Red Hat Security Advisory: mysql:8.4 security update

An update for the mysql:8.4 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.5CVSS7.6AI score0.00323EPSS
Exploits0References21
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•9 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS7AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•10 views

mysql: JSON unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: JSON. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

6.5CVSS7.1AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•6 views

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

6.5CVSS7.1AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•10 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS7.1AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•7 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS7AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•6 views

mysql: Group Replication Plugin unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker...

6.5CVSS7.1AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•6 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS7.1AI score0.00303EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:41 a.m.•7 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network...

4.9CVSS7AI score0.00323EPSS
Exploits0References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:37 a.m.•10 views

Important: Red Hat Security Advisory: libyang security update

An update for libyang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS6.2AI score0.00428EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/10 11:37 a.m.•7 views

libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob

A flaw was found in libyang, a YANG data modeling language library. An integer overflow in the lybreadstring function can lead to a heap buffer overflow when parsing a maliciously crafted LYB binary blob. A remote attacker, by supplying this malicious LYB data to any libyang consumer such as a...

7.5CVSS6.4AI score0.00428EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 11:34 a.m.•8 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.6AI score0.00419EPSS
Exploits0References7
RedHat Linux
RedHat Linux
•added 2026/06/10 11:34 a.m.•9 views

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.1CVSS5.5AI score0.00419EPSS
Exploits0References2
RedHat Linux
RedHat Linux
•added 2026/06/10 11:31 a.m.•9 views

httpd: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack

A flaw was found in HTTP/2, affecting various web servers. A remote attacker can exploit this vulnerability by combining an HPACK compression bomb with a zero-byte flow-control window. This technique allows a small amount of data to expand into large memory allocations on the server, which are th...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References6
RedHat Linux
RedHat Linux
•added 2026/06/10 11:31 a.m.•26 views

Important: Red Hat Security Advisory: mod_http2 security update

An update for modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS5.5AI score0.11471EPSS
Exploits7References2
RedHat Linux
RedHat Linux
•added 2026/06/10 10:17 a.m.•52 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS5.3AI score0.00463EPSS
Exploits0References3
RedHat Linux
RedHat Linux
•added 2026/06/10 10:17 a.m.•8 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.3AI score0.00463EPSS
Exploits0References5
RedHat Linux
RedHat Linux
•added 2026/06/10 10:17 a.m.•8 views

kernel: net: openvswitch: Avoid releasing netdev before teardown completes

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Avoid releasing netdev before teardown completes The patch cited in the Fixes tag below changed the teardown code for OVS ports to no longer unconditionally take the RTNL. After this change, the netdevdestroy...

7.8CVSS5.4AI score0.00129EPSS
Exploits0References5
Total number of security vulnerabilities114833