2 matches found
CVE-2026-45842
CVE-2026-45842 concerns the Linux kernel slip module. When rslots are configured to 0 (no receive compression), the code may allocate a NULL rstate and set rslot_limit to 0. The receive path does not guard against this, causing slhc_uncompress() to dereference comp->rstate[x] if the VJ header ...
CVE-2023-53204
CVE-2023-53204 affects the Linux kernel af_unix subsystem. The root cause is a data race on the unix_inflight field: user->unix_inflight is modified under spin_lock(unix_gc_lock), while too_many_unix_fds() reads it locklessly, enabling a race between unix_attach_fds and the unix_inflight acces...