Overview
Description
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE
handler in rxrpc_verify_response() copy the skb to a linear one before
calling into the security ops only when skb_cloned() is true. An skb
that is not cloned but still carries externally-owned paged fragments
(e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via
__ip_append_data, or a chained skb_has_frag_list()) falls through to
the in-place decryption path, which binds the frag pages directly into
the AEAD/skcipher SGL via skb_to_sgvec().
Extend the gate to also unshare when skb_has_frag_list() or
skb_has_shared_frag() is true. This catches the splice-loopback vector
and other externally-shared frag sources while preserving the
zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC
page_pool RX, GRO). The OOM/trace handling already in place is reused.
Statistics
- 1 Post
- 1 Interaction
Last activity: Last hour
Fediverse
Ist die Aufregung um die neuen Linux-Fehler berechtigt?
Radio Eriwan antwortet: Das kommt darauf an. Nämlich darauf, ob wir von einem Arbeitsplatz-Rechner reden oder von einem Server. Arbeitsplatz-Rechner sind nicht betroffen. - Die Rede ist von drei neu entdeckten Sicherheitslücken im Linux-Kernel:
CVE-2026-43284 ("Dirty Frag")*,
CVE-2026-43500 ("Copy Fail 2") und
CVE-2026-46300 ("Fragnesia").
Die stecken in Server-Funktionen für VPN-Zugriff über IPSec und für das verteilte Dateisystem AFS. Sie ermöglichen eine lokale Privilegien-Eskalation (LPE).
Um eine LPE Sicherheitslücke auszunutzen, muss ein/e Benutzer/in angemeldet sein, also entweder am Terminal vorm Rechner sitzen, oder eher
#Allgemein #Hintergrund #cybercrime #exploits #linux #sicherheit #wissen
Overview
- Microsoft
- Windows Server 2025 (Server Core installation)
09 May 2023
Published
10 Jul 2025
Updated
CVSS v3.1
MEDIUM (6.7)
EPSS
0.58%
KEV
Description
Secure Boot Security Feature Bypass Vulnerability
Statistics
- 1 Post
Last activity: 11 hours ago
Overview
Description
An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Statistics
- 1 Post
Last activity: 11 hours ago
Overview
- Microsoft
- Windows 10 Version 1809
11 Jan 2022
Published
02 Jan 2025
Updated
CVSS v3.1
MEDIUM (4.4)
EPSS
42.69%
KEV
Description
Secure Boot Security Feature Bypass Vulnerability
Statistics
- 1 Post
Last activity: 11 hours ago
Overview
Description
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ.
Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations on all ActiveMQ MBeans (org.apache.activemq:*), including
BrokerService.addNetworkConnector(String) and BrokerService.addConnector(String).
An authenticated attacker can invoke these operations with a crafted discovery URI that triggers the VM transport's brokerConfig parameter to load a remote Spring XML application context using ResourceXmlApplicationContext.
Because Spring's ResourceXmlApplicationContext instantiates all singleton beans before the BrokerService validates the configuration, arbitrary code execution occurs on the broker's JVM through bean factory methods such as Runtime.exec().
This issue affects Apache ActiveMQ Broker: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ All: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ: before 5.19.4, from 6.0.0 before 6.2.3.
Users are recommended to upgrade to version 5.19.4 or 6.2.3, which fixes the issue
Statistics
- 1 Post
Last activity: 11 hours ago