Lucene search
K

153 matches found

RedhatCVE
RedhatCVE
added 2026/05/09 1:31 a.m.13 views

CVE-2026-43465

A flaw was found in the Linux kernel's mlx5e driver. This vulnerability arises from incorrect fragment counting when XDP eXpress Data Path multi-buffer programs modify the XDP buffer layout. This issue could allow a local attacker or a specially crafted network packet to trigger a negative...

9.8CVSS5.9AI score0.00414EPSS
Exploits0References4
CVE
CVE
added 2026/05/08 2:22 p.m.15 views

CVE-2026-43465

CVE-2026-43465: Linux kernel mlx5e XDP multi-buf frag counting flaw. When XDP programs modify the XDP buffer layout (via bpf_xdp_pull_data/bpf_xdp_adjust_tail), the driver failed to count dropped fragments, risking negative page fragment reference counting and potential instability. Public report...

9.8CVSS5.9AI score0.00414EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.15 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the XDP multiple buffer fragment count in the net mlx5e RX component. This count does not correct...

9.8CVSS5.9AI score0.00414EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/06 5:29 p.m.8 views

CVE-2026-43092

A flaw was found in the Linux kernel's AFXDP eXpress Data Path subsystem. The AFXDP bind operation fails to validate the Maximum Transmission Unit MTU against the usable frame space provided by the UMEM User Memory chunk. This can lead to situations where the configured MTU does not fit,...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
OSV
OSV
added 2026/04/25 5:49 a.m.3 views

OESA-2026-2077 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been...

9.8CVSS6AI score0.0049EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/04/03 11:27 p.m.8 views

SUSE CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/04/03 6:52 p.m.6 views

CVE-2026-23453

A flaw was found in the Linux kernel's net: ti: icssg-prueth network driver. When XDP eXpress Data Path programs drop packets in non-zero-copy mode, memory pages are not properly returned to the system's page pool. This memory leak can lead to Out of Memory OOM conditions, causing a Denial of...

7.5CVSS5.9AI score0.00343EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/03 6:31 p.m.7 views

EUVD-2026-18706

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

5.8AI score0.00343EPSS
Exploits0References3
NVD
NVD
added 2026/04/03 4:16 p.m.9 views

CVE-2026-23445

In the Linux kernel, the following vulnerability has been resolved: igc: fix page fault in XDP TX timestamps handling If an XDP application that requested TX timestamping is shutting down while the link of the interface in use is still up the following kernel splat is reported: 883.803618 T1554...

7.8CVSS0.00129EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.3 views

CVE-2026-23453

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

7.5CVSS5.8AI score0.00343EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.2 views

CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.5CVSS5.5AI score0.001EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.16 views

CVE-2026-23359 bpf: Fix stack-out-of-bounds write in devmap

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...

0.00129EPSS
Exploits0References7
OSV
OSV
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23343 xdp: produce a warning when calculated tailroom is negative

In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail, clearly...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23343

In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail, clearly...

7.8CVSS5.4AI score0.00129EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an incorrect configuration of the XDP RxQ fragsize field, which may lead to negative tail space...

5.5CVSS6AI score0.001EPSS
Exploits0References2
CVE
CVE
added 2026/02/14 3:22 p.m.22 views

CVE-2026-23140

CVE-2026-23140 is a Linux kernel vulnerability resolved in kernel patches related to BPF/XDP handling. The issue arises in bpf_test_run where the metadata size isn’t constrained by the actual xdp_frame headroom, allowing a userspace-supplied metadata size that can exhaust headroom. In live packet...

5.5CVSS5.3AI score0.00122EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2026/01/13 4:15 p.m.4 views

CVE-2025-68770

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix XDPTX path For XDPTX action in bnxtrxxdp, clearing of the event flags is not correct. bnxtpollwork - bnxtrxpkt - bnxtrxxdp may be looping within NAPI and some event flags may be set in earlier iterations. In particula...

5.8AI score0.00166EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-68770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix XDPTX path For XDPTX action in bnxtrxxdp, clearing of the event flags is not...

6AI score0.00166EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.9 views

PT-2026-27724

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the bpf subsystem, specifically in the devmap functionality. The get upper ifindexes function iterates through upper devices and writes their...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References408
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.15 views

PT-2026-27708

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc1+ 21 Description The Linux kernel contained a flaw in the XDP eXpress Data Path implementation where a negative tailroom could be calculated. This occurs when ethernet drivers report XDP RX queue frag...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
Rows per page
Query Builder