240 matches found
CVE-2025-37864
CVE-2025-37864 relates to the Linux kernel DSA subsystem: a cleanup path for FDB, MDB and VLAN entries on unbind was added to fix a scenario where bridge bypass operations could leave stale entries and trigger a leak/warn on unbind. The vulnerability stems from the assumption that higher layers b...
CVE-2025-37864 net: dsa: clean up FDB, MDB, VLAN entries on unbind
In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d "net: dsa: delete dsalegacyfdbadd and dsalegacyfdbdel", DSA is written given the assumption that higher layers have...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48901: btrfs: do not start relocation until in progress drops are done bsc1229607. CVE-2022-48911: kabi: add nfqueuegetrefs for kabi compliance. bsc1229633...
CVE-2024-26837
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
DEBIAN-CVE-2024-26837
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
UBUNTU-CVE-2024-26837
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837
CVE-2024-26837 affects the Linux kernel MDB offload replay handling. A race between generating the replay list and new MDB memberships could cause duplicates of a single event, leaving hardware-mounted memberships orphaned on bridge destruction. The fix guards MDB replay against deferred events ...
CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
TBK DVR-4104、DVR-4216 操作系统命令注入漏洞
TBK DVR-4104 is a digital video recorder from TBK. An OS command injection vulnerability exists in TBK DVR-4104, DVR-4216 version 20240412 and earlier versions, which stems from the fact that incorrect operation of the parameter mdb/mdc can lead to OS command injection...
mdb-rs.org.br Cross Site Scripting vulnerability OBB-3771867
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the mdb_node_del() function in the LMDB database module, written in Python py-lmdb, allows a attacker to cause a service failure.
The vulnerability of the mdbnodedel function in the LMDB database module, written in Python py-lmdb, relates to the issue where an operation may be executed outside the buffer in memory when processing the data.mdb file. Exploiting this vulnerability allows a malicious actor to cause service...
impl `FromMdbValue` for bool is unsound
The implementation of FromMdbValue have several unsoundness issues. First of all, it allows to reinterpret arbitrary bytes as a bool and could make undefined behavior happen with safe function. Secondly, it allows transmuting pointer without taking memory layout into consideration. The details of...
SUSE CVE-2007-0079
rblog stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 data/admin.mdb or 2 data/rblog.mdb...
SUSE CVE-2011-2203
The hfsfindinit function in the Linux kernel 2.6 allows local users to cause a denial of service NULL pointer dereference and Oops by mounting an HFS file system with a malformed MDB extent record...
SUSE CVE-2019-16228
An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdbenvopen2 if mdbenvreadheader obtains a zero value for a certain size field. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker...
SUSE CVE-2020-10375
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product...
SUSE CVE-2021-45927
MDB Tools aka mdbtools 0.9.2 has a stack-based buffer overflow at 0x7ffd6e029ee0 in mdbnumerictostring called from mdbxferbounddata and mdbattemptbind...