Lucene search
K

977 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 8:34 a.m.8 views

CVE-2026-53237

A flaw was found in the Linux kernel's Marvell EBU mvebu General Purpose Input/Output GPIO driver. During system suspend and resume operations, the mvebupwmsuspend and mvebupwmresume functions are called for all GPIO banks. However, not all banks have Pulse Width Modulation PWM functionality,...

5.8AI score0.00175EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53217

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dmaaddr + MVPP2SKBHEADROOM. The current CPU sync starts at dmaaddr and only covers rxbytes +...

8.6CVSS0.00401EPSS
Exploits0References8
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53217

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dmaaddr + MVPP2SKBHEADROOM. The current CPU sync starts at dmaaddr and only covers rxbytes +...

8.6CVSS5.7AI score0.00401EPSS
Exploits0References11
CVE
CVE
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53237

The CVE-2026-53237 entry concerns the Linux kernel GPIO subsystem for Marvell Armada 370/XP. Root cause: during suspend/resume, mvebu_pwm_suspend() and mvebu_pwm_resume() are invoked for all GPIO banks, but banks without PWM present mvchip->mvpwm set to NULL. When mvebu_pwm_suspend() is called...

5.8AI score0.00175EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39308

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: sync RX data at the hardware packet offset mvpp2 programs the RX queue packet offset, so hardware writes received data at dmaaddr + MVPP2SKBHEADROOM. The current CPU sync starts at dmaaddr and only covers rxbytes +...

5.7AI score0.00401EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.10 views

CVE-2026-53217

The CVE-2026-53217 issue affects the Linux kernel MVPP2 driver: RX data was synchronized at the hardware packet offset, leaving end-of-frame data possibly stale on non‑coherent DMA. Root cause is incorrect DMA sync range (starting at dma_addr and not covering the actual written packet tail). The ...

8.6CVSS5.7AI score0.00401EPSS
Exploits0References8Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Fixed a NULL dereferencing on devlinkalloc failure. devlinkalloc may return NULL when allocation fails, but presteradevlinkalloc will unconditionally call devlinkpriv on the returned pointer. This can lead...

5.5CVSS5.9AI score0.00115EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: crypto: marvell/octeontx – prevents integer overflows The value of “codelength” comes from the firmware file. If your firmware is untrusted, there’s likely very little you can do to protect yourself. Nevertheless, we still try...

5.5AI score0.00209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fixed use-after-free bugs in mvsworkqueue During the detachment of Marvell’s SAS/SATA controller, the original code calls canceldelayedwork within mvsfree to cancel the delayed work item mqw-workq. However, if...

5.8AI score0.00236EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drivers: perf: marvellcn10k: Fixed a leak in the hotplug callback in tadpmuinit. The tadpmuinit function does not remove the callback added by cpuhpsetupstatemulti when platformdriverregister fails. The callback must be remove...

5.9AI score0.00166EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: phy: marvell: a3700-comphy: Fix out-of-bounds read issue There is an out-of-bounds read access to gbePhyInitfixfixidx.addr during each iteration after fixidx reaches ARRAYSIZEgbePhyInitfix. Ensure that gbePhyInitaddr is used when...

5.5CVSS5.7AI score0.00211EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blog
added 2026/05/15 6:54 p.m.11 views

Metasploit Wrap-Up 05/15/2026

Weaponizing a text editor for fun and profit Gather round, dear readers, because today, we by we, we mean @h00die dropped the ultimate persistence mechanism: Vim plugin persistence. And honestly, calling it "persistence" feels redundant — Vim is already the most persistent thing ever. Somewhere,...

9.8CVSS8AI score0.79335EPSS
Exploits22
Metasploit
Metasploit
added 2026/05/11 7:3 p.m.286 views

Marvell QConvergeConsole Path Traversal (CVE-2025-6793)

This module exploits a path traversal vulnerability CVE-2025-6793 in Marvell QConvergeConsole use auxiliary/gather/qconvergeconsoletraversal msf auxiliaryqconvergeconsoletraversal show actions ...actions... msf auxiliaryqconvergeconsoletraversal set ACTION msf auxiliaryqconvergeconsoletraversal...

9.4CVSS7.3AI score0.12281EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013555 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...

5.8AI score0.00209EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010902)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010902 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...

6AI score0.00209EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007417)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007417 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mvsas: Fix use-after-free bugs in mvsworkqueue During the detaching of Marvell's SAS/SATA...

5.6AI score0.00236EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.3 views

CVE-2026-23438

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: guard flow control update with globaltxfc in buffer switching mvpp2bmswitchbuffers unconditionally calls mvpp2bmpoolupdateprivfc when switching between per-cpu and shared buffer pool modes. This function programs CM3...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/03/25 2:8 p.m.4 views

CVE-2026-23281

A flaw was found in the Linux kernel's Marvell Libertas Wi-Fi driver. This vulnerability, a use-after-free, occurs because the system does not properly synchronize the freeing of memory with ongoing timer operations. If a timer attempts to access resources after they have been released, it can le...

5.8AI score0.00126EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/02 9:17 a.m.13 views

CVE-2026-23019

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlinkalloc failure devlinkalloc may return NULL on allocation failure, but presteradevlinkalloc unconditionally calls devlinkpriv on the returned pointer. This leads to a NULL...

5.5CVSS5.1AI score0.00115EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/01 12:23 a.m.5 views

SUSE CVE-2026-23019

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlinkalloc failure devlinkalloc may return NULL on allocation failure, but presteradevlinkalloc unconditionally calls devlinkpriv on the returned pointer. This leads to a NULL...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References3
Rows per page
Query Builder