Lucene search
K

691 matches found

NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31647

In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The conversion is safe because complete/all are called outside the lock and...

5.5CVSS0.00122EPSS
Exploits0References4
NVD
NVD
added 2026/04/24 3:16 p.m.7 views

CVE-2026-31644

In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966xfdmareload When lan966xfdmareload fails to allocate new RX buffers, the restore path restarts DMA using old descriptors whose pages were already freed via lan966xfdmarxfreepages...

7.8CVSS0.00125EPSS
Exploits0References4
CVE
CVE
added 2026/04/24 2:35 p.m.15 views

CVE-2026-31565

Summary: CVE-2026-31565 affects the Linux kernel RDMA/irdma component, where a netdev reset with active RDMA applications can deadlock during device/client removal (cma/uverbs paths). The root cause is a circular dependency between iWARP-related clients and references held during device reset, le...

5.5CVSS5.3AI score0.00095EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.9 views

PT-2026-34917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the RDMA/irdma component when a netdev reset is executed while RDMA applications are active. The netdev reset leads the ice driver to remove the irdma auxiliary...

9.8CVSS5.5AI score0.0049EPSS
Exploits7References468
RedhatCVE
RedhatCVE
added 2026/04/22 7:33 p.m.7 views

CVE-2026-31502

A flaw was found in the Linux kernel's team network device. This vulnerability involves a type confusion in header operations when handling non-Ethernet ports. An attacker could potentially exploit this by causing the team device to misinterpret network device private data, leading to a system...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/04/22 2:16 p.m.5 views

CVE-2026-31504

In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packetrelease via NETDEVUP race packetrelease has a race window where NETDEVUP can re-register a socket into a fanout group's arr array. The re-registration is not cleaned up by fanoutrelease, leaving a...

7.8CVSS0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/04/22 1:54 p.m.27 views

CVE-2026-31504

The CVE-2026-31504 entry describes a race in the Linux kernel’s networking stack: during a NETDEV_UP event, a socket re-registration into a fanout group’s arr[] can leave a dangling pointer if packet_release() doesn’t clear po->num while bind_lock is held. This Use-After-Free risk stems from a...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References8Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/22 12:32 a.m.9 views

kernel: smc: Fix use-after-free in __pnet_find_base_ndev()

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

5.6AI score0.0017EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a NETDEVUP condition that allows for the reuse of freed fanout resources after release. This can...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/13 5:23 p.m.4 views

CVE-2026-40023

A flaw was found in Apache Log4cxx. An attacker who can influence logged data can exploit this by injecting characters forbidden by the XML 1.0 specification a standard for encoding documents into log messages, Network Device Configuration NDC, and Mapped Diagnostic Context MDC property keys and...

6.3CVSS5.7AI score0.00499EPSS
Exploits0References8
OSV
OSV
added 2026/04/11 2:3 p.m.7 views

OESA-2026-1848 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can lead to the callback firing later on and...

7.5CVSS6.2AI score0.00783EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.5 views

CVE-2025-50649

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper input validation in the vlanname parameter in the /shutset.asp endpoint...

7.5CVSS6AI score0.00516EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/04/08 3:26 a.m.10 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS6AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/06 4:24 p.m.9 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS6AI score0.00119EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/03 6:31 p.m.3 views

EUVD-2026-18677

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

5.7AI score0.00121EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/03 6:31 p.m.5 views

EUVD-2026-18694

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdcncmrxverifyndp32. The DPE array size is validated against the total skb length withou...

5.7AI score0.00129EPSS
Exploits0References6
NVD
NVD
added 2026/04/03 4:16 p.m.3 views

CVE-2026-23436

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

5.5CVSS0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.6 views

CVE-2026-23437

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.6 views

CVE-2026-23442

In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths in6devget can return NULL when the device has no IPv6 configuration e.g. MTU IPV6MINMTU or after NETDEVUNREGISTER. Add NULL checks for idev returned by in6devget in both...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:15 p.m.1 views

CVE-2026-23459

In the Linux kernel, the following vulnerability has been resolved: iptunnel: adapt iptunnelxmitstats to NETDEVPCPUSTATDSTATS Blamed commits forgot that vxlan/geneve use udptunnel6xmitskb which call iptunnelxmitstats. iptunnelxmitstats was assuming tunnels were only using NETDEVPCPUSTATTSTATS...

5.7AI score0.00299EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder