Linux/Unix ホストには、ベンダーが提供するパッチが利用できない脆弱性の影響を受ける複数のパッケージがインストールされています。

  - Linux カーネルでは、以下の脆弱性が解決されています: rxrpc: Fix potential UAF after skb_unshare() failure If skb_unshare() fails to unshare a packet due to allocation failure in rxrpc_input_packet(), the skb pointer in the parent (rxrpc_io_thread()) will be NULL'd out. This will likely cause the call to trace_rxrpc_rx_done() to oops. Fix this by moving the unsharing down to where rxrpc_input_call_event() calls rxrpc_input_call_packet(). There are a number of places prior to that where we ignore DATA packets for a variety of reasons (such as the call already being complete) for which an unshare is then avoided. And with that, rxrpc_input_packet() doesn't need to take a pointer to the pointer to the packet, so change that to just a pointer. (CVE-2026-45998)

Nessus は、ベンダーによって報告されたパッケージの存在に依存していることに注意してください。

検出

Linux Distros のパッチ未適用の脆弱性: CVE-2026-45998

high Nessus プラグイン ID 317322

バージョン 1.6

バージョン 1.5

バージョン 1.4

バージョン 1.3

バージョン 1.2

バージョン 1.1

バージョン 1.6 Jun 18, 2026, 10:27 AM CVSS metrics ("CVSSv2 score" set to 6.8) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C") Plugin Feed: 202606181027
バージョン 1.5 Jun 17, 2026, 2:25 PM Plugin metadata Detection (updated detection logic) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C") CVSS metrics ("CVSSv2 score" set to 4.9) Plugin Feed: 202606171425
バージョン 1.4 Jun 17, 2026, 9:10 AM CVSS metrics ("CVSSv2 score" set to 6.8) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C") CVSS metrics ("CVSSv3 score" set to 7.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H") CVSSv3 severity (based on None, severity increased from "Medium" to "High") Plugin Feed: 202606170910
バージョン 1.3 Jun 10, 2026, 6:51 AM Detection (updated detection logic) Plugin metadata Plugin Feed: 202606100651
バージョン 1.2 Jun 4, 2026, 6:01 AM CVSS metrics ("CVSSv2 score" set to 4.9) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C") CVSS metrics ("CVSSv3 score" set to 5.5) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H") CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:U/RL:U/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:U/RL:U/RC:C") CVSSv2 score source (set to "CVE-2026-45998") CVSSv2 severity (based on CVE-2026-45998, severity decreased from "High" to "Medium") CVSSv3 severity (based on None, severity decreased from "High" to "Medium") Detection (updated detection logic) Plugin metadata Plugin Feed: 202606040601
バージョン 1.1 May 29, 2026, 5:27 PM New Plugin Feed: 202605291727