14 matches found
UBUNTU-CVE-2026-45844
In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...
CVE-2026-45844
In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...
PT-2026-43678
In the Linux kernel, the following vulnerability has been resolved: netfilter: arp tables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arp packet match unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC...
Linux Distros Unpatched Vulnerability : CVE-2026-45844
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses a...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTOUNSPEC where needed syzbot managed to call xtcluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xtcluster.c:72 xtclustermt+0x196/0x780 .. ebtdotable+0x174b/0x2a40 Module register...
SUSE CVE-2026-31424
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict xtcheckmatch/xtchecktarget extensions for NFPROTOARP Weiming Shi says: xtmatch and xttarget structs registered with NFPROTOUNSPEC can be loaded by any protocol family through nftcompat. When such a...
EUVD-2026-21948
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict xtcheckmatch/xtchecktarget extensions for NFPROTOARP Weiming Shi says: xtmatch and xttarget structs registered with NFPROTOUNSPEC can be loaded by any protocol family through nftcompat. When such a...
CVE-2026-31424
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: restrict xtcheckmatch/xtchecktarget extensions for NFPROTOARP Weiming Shi says: xtmatch and xttarget structs registered with NFPROTOUNSPEC can be loaded by any protocol family through nftcompat. When such a...
CVE-2026-31424
CVE-2026-31424 concerns a Linux kernel netfilter xtables extension handling bug for NFPROTO_ARP. The issue arises because xt_match/xt_target structs registered with NFPROTO_UNSPEC could be loaded by any protocol family via nft_compat, and ARP’s hook layout differs from IPv4/IPv6. When a match/tar...
PT-2026-32350
In the Linux kernel, the following vulnerability has been resolved: netfilter: x tables: restrict xt check match/xt check target extensions for NFPROTO ARP Weiming Shi says: xt match and xt target structs registered with NFPROTO UNSPEC can be loaded by any protocol family through nft compat. When...
DEBIAN-CVE-2024-50038
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTOUNSPEC where needed syzbot managed to call xtcluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xtcluster.c:72 xtclustermt+0x196/0x780 .. ebtdotable+0x174b/0x2a40 Module register...
CVE-2024-50038 netfilter: xtables: avoid NFPROTO_UNSPEC where needed
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTOUNSPEC where needed syzbot managed to call xtcluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xtcluster.c:72 xtclustermt+0x196/0x780 .. ebtdotable+0x174b/0x2a40 Module register...
nftables bug fix and enhancement update
An update is available for nftables. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nftables provides a packet-filtering tool, with numerous improvements in...
SCUTUM - Linux Automatic ARP (TCP / UDP / ICMP) Firewall
SCUTUM - Linux Automatic ARP TCP / UDP / ICMP Firewall Current Version Change log: 1. Added Self-Upgrading Function, now users can execute self-upgrading with $ sudo scutum --upgrade 2. Added AVALON Framework Self-Upgrading function included when using "--upgrade" parameter Recent Changes: 1...