192 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats...
SUSE CVE-2026-53323
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
CVE-2026-53323
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
UBUNTU-CVE-2026-53323
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
CVE-2026-53323
CVE-2026-53323 affects the Linux kernel DSA conduit ethtool wrappers. The root cause is redundant locking: the conduit master’s ethtool_ops were wrapped by DSA to aggregate port stats, and an extra netdev_lock_ops()/netdev_unlock_ops() inside the DSA wrappers could deadlock. The documented remedi...
CVE-2026-53323
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
CVE-2026-53323
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
EUVD-2026-39858
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
CVE-2026-53323 net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops
In the Linux kernel, the following vulnerability has been resolved: net: dsa: remove redundant netdevlockops from conduit ethtool ops DSA replaces the conduit master device's ethtoolops with its own wrappers that aggregate stats from both the conduit and DSA switch ports. Taking the lock again...
PT-2026-52962
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the Distributed Switch Architecture DSA component when the system replaces the conduit device's ethtool ops with wrappers designed to aggregate statistics from the...
OPENSUSE-SU-2026:11086-1 ghc-xml-conduit-1.10.1.0-2.1 on GA media
These are all security issues fixed in the ghc-xml-conduit-1.10.1.0-2.1 package on the GA media of openSUSE Tumbleweed...
MAL-2026-1697 Malicious code in conduit-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81f9fa8b0c32901fb4a4b9bf52e4be69edec177320aea16a45dd777f792a8880 The package conduit-core was found to contain malicious code...
Malicious code in conduit-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81f9fa8b0c32901fb4a4b9bf52e4be69edec177320aea16a45dd777f792a8880 The package conduit-core was found to contain malicious code...
Malicious code in conduit-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7f95b03bc8b7d9992089476c92239b5de48ab75b1d3c1d13e9b231dcc79a52 The package conduit-utils was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-985 Malicious code in conduit-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9f633d16f7a0d621de3ff6221f99ffbc77f942c409d0d2adfbe58307211688bf The OpenSSF Package Analysis project identified 'conduit-utils' @ 2.95.0 npm as malicious. It is considered malicious because: - The package...
CVE-2026-24471
continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...
CVE-2026-24471 Improper Validation in Conduit-derived homeservers resulting in Unintended Proxy or Intermediary ('Confused Deputy')
continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...
CVE-2026-24471 Improper Validation in Conduit-derived homeservers resulting in Unintended Proxy or Intermediary ('Confused Deputy')
continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...
CVE-2026-24471
The CVE-2026-24471 issue affects Continuwuity and Conduit-derived servers (Continuwuity, Conduit, Grapevine, Tuwunel). A malicious remote server can induce the victim to sign an arbitrary event during user interactions such as leaving a room, joining a room, or knocking on a room, by requesting a...
CVE-2026-24471
continuwuity is a Matrix homeserver written in Rust. This vulnerability allows an attacker with a malicious remote server to cause the local server to sign an arbitrary event upon user interaction. Upon a user account leaving a room rejecting an invite, joining a room or knocking on a room, the...