CVE-2026-10637

subsys/net/ip/ipv6mld.c:mldsend read the packet interface via netpktifacepkt after netsenddatapkt returned successfully. Per the network stack's ownership contract include/zephyr/net/netcore.h, and the explicit warning in subsys/net/ip/netcore.c:453-460 'do not use pkt after that call', a...

CVE-2026-20118

The CVE affects Cisco IOS XR on the NCS 5500 series (NC57 line cards) and NCS 5700 routers running IOS XR. It arises from corruption of packets when an EPNI Aligner interrupt is triggered during heavy transit, which can be exploited by an unauthenticated remote attacker sending a continuous flow ...

ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330

...

af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK

...

SUSE CVE-2011-2898

net/packet/afpacket.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application...

SUSE CVE-2015-6855

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WINREADNATIVEMAX command to an empty drive, which triggers a...

SUSE CVE-2016-8655

Race condition in net/packet/afpacket.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service use-after-free by leveraging the CAPNETRAW capability to change a socket version, related to the packetsetring and packetsetsockopt functions...

CVE-2020-1680

On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticat...

The vulnerability of the QEMU hardware emulation software allows a hacker to trigger a service failure or cause some other unknown effect.

The vulnerability of the QEMU hardware emulation software is related to incorrect restrictions on commands received from ATAPI devices. Exploiting this vulnerability can allow a malicious actor to cause service failures or potentially have other unspecified effects by using certain IDE commands...

qemu: ide: atapi: heap overflow during I/O buffer memory access

A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the...

qemu: ide: atapi: heap overflow during I/O buffer memory access

A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the...