Lucene search
K

220 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: Initializing the event handler for read bytes A value of 0xff was set for I2C reads of the mctp-i2c device. Otherwise, reads will return “val” from the I2C bus driver. For I2c-aspeed and i2c-npcm7xx, this represents an...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return val from the i2c bus driver. For...

5.5CVSS6.2AI score0.00156EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.12 views

SUSE CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.8AI score0.00156EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 12:57 a.m.13 views

CVE-2026-45930

A flaw was found in the Linux kernel's Multi-Channel Transport Protocol MCTP networking implementation. When processing a RTMGETNEIGH request, the system may return uninitialized data in the ndmsg pad bytes. This can allow a local attacker to obtain sensitive information from kernel memory, leadi...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.11 views

EUVD-2026-32331

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.8AI score0.00156EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.19 views

UBUNTU-CVE-2026-45930

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:16 p.m.11 views

CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.5CVSS0.00156EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 2:16 p.m.9 views

UBUNTU-CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.43 views

CVE-2026-45930 net: mctp: ensure our nlmsg responses are initialised

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...

0.00128EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:17 p.m.4 views

CVE-2026-45930

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...

5.7AI score0.00128EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:17 p.m.14 views

CVE-2026-45930

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...

5.5CVSS5.7AI score0.00128EPSS
Exploits0
CVE
CVE
added 2026/05/27 12:17 p.m.27 views

CVE-2026-45930

CVE-2026-45930 is a Linux kernel netlink issue in net: mctp where RTM_GETNEIGH could return uninitialised data in ndmsg pad bytes. The root cause is not fully detailed here beyond the description, but connected OSV entries indicate patches to fix nlmsg initialisation in link/addr/neigh responses....

5.5CVSS5.8AI score0.00128EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:15 p.m.13 views

CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.5CVSS5.7AI score0.00156EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/27 12:15 p.m.44 views

CVE-2026-45865 mctp i2c: initialise event handler read bytes

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

0.00156EPSS
Exploits0References6
CVE
CVE
added 2026/05/27 12:15 p.m.26 views

CVE-2026-45865

The CVE-2026-45865 issue concerns the Linux kernel MCTP over I2C implementation. A read handling bug caused i2c reads from an mctp-i2c device to return 0xff instead of the data provided by the I2C bus driver, leaving the reads effectively biased to 0xff. The root cause is described as an uninitia...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.17 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized data in the RTMGETNEIGH response message in the net/mctp module. This could lead to t...

5.8AI score0.00128EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-43732

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mctp-i2c device where i2c reads fail to initialize the event handler read bytes. This causes reads to return the val variable from the i2c bus driver. In the cases...

5.5CVSS5.4AI score0.00156EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: Fixed a skb memory leak in the receive path. When midev-allowrx is set to false, the newly allocated skb is not consumed by netifrx. It is necessary to free the skb directly...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mctp: Route lookups now perform under a RCU read-side lock. Our current route lookups mctproutelookup and mctproutelookupnull traverse the network’s route list without holding the RCU read lock. This means that the route lookups...

7.8CVSS6.2AI score0.00231EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mctp: Fixed an error handling path in mctpinit. If mctpneighinit returns an error, the route resources should be released during the error handling path. Otherwise, some resources may be leaked...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References1
Rows per page
Query Builder