CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 3 days ago•24 views

CVE-2026-46320 tap: free page on error paths in tap_get_user_xdp()

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

0.00018EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: Made llcuisendmsg more robust against changes related to bonding. syzbot was able to exploit llcuisendmsg, allocating an skb without sufficient headroom, and then attempting to append 14 bytes of Ethernet header...

5.5CVSS6.5AI score0.00011EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Team: Fix null-ptr-deref when the team device type is changed. The null-ptr-deref bug occurs as follows with a reproducer 1. Bug: NULL pointer dereferencing in the kernel. Address: 0000000000000228 …RIP:...

5.5CVSS6.1AI score0.00006EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: llc: A test for maclen should be performed before reading the MAC header. The LLC layer reads the MAC header using ethhdr, without verifying that the skb contains an Ethernet header. The Syzbot exploit was able to execute the...

5.5CVSS6.3AI score0.00009EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: validate pppoe header Ensure that there is sufficient space to access the protocol field of the PPPoE header. Validate this once before the flowtable lookup, and then use a helper function to access the...

5.5CVSS6AI score0.00017EPSS

RedHat Linux•added 2026/05/19 1:31 p.m.•8 views

kernel: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: account for Ethernet header in nfflowpppoeproto syzbot found a potential access to uninit-value in nfflowpppoeproto Blamed commit forgot the Ethernet header. BUG: KMSAN: uninit-value in...

5.5CVSS6.3AI score0.00073EPSS

Exploits0References5

RedHat Linux•added 2026/05/19 9:4 a.m.•5 views

kernel: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

5.5CVSS6.3AI score0.00073EPSS

Exploits0References5

OSV•added 2026/05/19 12:0 a.m.•5 views

ALSA-2026:18587 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bonding: check xdp prog when set bond mode CVE-2025-22105 kernel: block: fix resource leak in blkregisterqueue error path CVE-2025-37980 kernel: dmaengine: idxd: fix memory leak in error...

7.8CVSS7.5AI score0.00155EPSS

Exploits1References30

EUVD•added 2026/04/25 8:47 a.m.•1 views

EUVD-2026-25652

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6teui64: reject invalid MAC header for all packets eui64mt6 derives a modified EUI-64 from the Ethernet source address and compares it with the low 64 bits of the IPv6 source address. The existing guard only rejects ...

5.4AI score0.00122EPSS

ATTACKERKB•added 2026/04/25 8:47 a.m.•2 views

CVE-2026-31685

9.4CVSS5.3AI score0.00122EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/04/25 8:47 a.m.•30 views

CVE-2026-31685 netfilter: ip6t_eui64: reject invalid MAC header for all packets

9.4CVSS0.00122EPSS

Exploits0References8

Microsoft CVE•added 2025/12/24 9:2 a.m.•5 views

netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto()

...

5.5CVSS5.4AI score0.00073EPSS

Exploits0

Tenable Nessus•added 2025/11/06 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990478)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990478 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without...

5.5CVSS6AI score0.00009EPSS

Tenable Nessus•added 2025/11/05 12:0 a.m.•7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989975)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989975 advisory. In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validi...

7.1CVSS6.1AI score0.00015EPSS

5.5CVSS6AI score0.00009EPSS

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989959 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without...

7.1CVSS6.1AI score0.00015EPSS

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990239)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990239 advisory. In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validi...

5.5CVSS6.2AI score0.00008EPSS

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989194)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989194 advisory. In the Linux kernel, the following vulnerability has been resolved: veth: Ensure eth header is in skb's linear part After feeding a decapsulated packet to a veth...

7.1CVSS6.1AI score0.00015EPSS

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989978)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989978 advisory. In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validi...

5.5CVSS6AI score0.00009EPSS

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988754)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988754 advisory. In the Linux kernel, the following vulnerability has been resolved: llc: verify mac len before reading mac header LLC reads the mac header with ethhdr without...