Lucene search
K

517 matches found

SUSE CVE
SUSE CVE
added 2026/05/27 12:57 p.m.13 views

SUSE CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

6.5CVSS5.7AI score0.00117EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/27 12:28 p.m.10 views

CVE-2026-45844

A flaw was found in the Linux kernel's netfilter ARP Address Resolution Protocol tables. When processing IPv4-over-IEEE1394 ARP packets on IEEE1394 interfaces, the kernel incorrectly parses the ARP payload. This can lead to incorrect filtering decisions by arptables, where packets that should be...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 11:16 a.m.13 views

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.5CVSS0.00117EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 11:16 a.m.4 views

UBUNTU-CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 9:24 a.m.7 views

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.7AI score0.00117EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/05/27 9:24 a.m.8 views

EUVD-2026-32170

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.8AI score0.00117EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 9:24 a.m.30 views

CVE-2026-45844

Summary: CVE-2026-45844 affects the Linux kernel netfilter arp_tables on IEEE1394 (FireWire) interfaces. The vulnerability arises because arp_packet_match() unconditionally parses the ARP payload assuming both source and target hardware addresses exist, while IPv4-over-IEEE1394 ARP omits the targ...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 9:24 a.m.10 views

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

5.5CVSS5.7AI score0.00117EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.8 views

CVE-2026-45844

netfilter: arptables: fix IEEE1394 ARP payload parsing...

5.8AI score0.00117EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the netfilter arptables module’s improper handling of omitted target hardware address fields when...

5.8AI score0.00117EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-45844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses a...

5.5CVSS5.9AI score0.00117EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43678

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter arp tables component regarding the parsing of ARP payloads for IEEE1394 FireWire interfaces. The arp packet match function incorrectly assumes that both...

9.1CVSS5.9AI score0.00525EPSS
Exploits0References296
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firewire: In the net subsystem, a bug related to use-after-free was fixed in the fwnetfinishincomingpacket function. The netifrx function frees the skb, but we cannot dereference it to save the skb-len...

7.8CVSS5.2AI score0.00142EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Firewire: Core – Fixing a race condition with the transaction list The list of transactions is enumerated without acquiring the card lock when processing the AR response event. This causes a race condition bug when processing the...

4.7CVSS5.2AI score0.00074EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu – added a bounds check in the putuser loop for DSP events. In the DSP event handling code, the putuser loop copies event data. When the user buffer size is not aligned to 4 bytes, it may overwrite data beyond...

6AI score0.00161EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31619

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device...

5.5CVSS6AI score0.00125EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.6 views

SUSE CVE-2026-31619

In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device. efrstatusnames has 17 entries so a status value outside that range go...

6.1CVSS5.4AI score0.00125EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/24 8:32 p.m.7 views

CVE-2026-31619

A flaw was found in the Linux kernel's ALSA fireworks driver. A malicious firewire device could supply a specially crafted status value, causing an out-of-bounds read during a string array lookup. This vulnerability may lead to a denial of service DoS or potentially information disclosure...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/04/24 3:16 p.m.5 views

DEBIAN-CVE-2026-31619

In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device. efrstatusnames has 17 entries so a status value outside that range go...

5.5CVSS5.2AI score0.00125EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 2:42 p.m.6 views

EUVD-2026-25512

In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device. efrstatusnames has 17 entries so a status value outside that range go...

5.3AI score0.00125EPSS
Exploits0References4
Rows per page
Query Builder