Lucene search
+L

25 matches found

osv
osv
added 2 days ago2 views

SUSE-SU-2026:2991-1 Security update for the Linux Kernel (Live Patch 54 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.219 fixes various security issues The following security issues were fixed: - CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmcrelease bsc1264094. - CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1265197. -...

9.8CVSS6.7AI score0.00563EPSS
Exploits4References21
osv
osv
added 3 days ago2 views

SUSE-SU-2026:2895-1 Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.31 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31505: iavf: fix out-of-bounds writes in iavfgetethtoolstats...

9.8CVSS6.7AI score0.00563EPSS
Exploits7References49
osv
osv
added 6 days ago1 views

SUSE-SU-2026:2839-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work bsc1255416. - CVE-2026-43198: tcp: fix potential race in tcpv6synrecvsock bsc1264610. ...

9.8CVSS6.7AI score0.00346EPSS
Exploits16References22
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: bonding: Do not assume that the skbmacheader is set. Drivers must not assume that skbs have their macheader set. skb-data is all that is needed. bonding seems to be one of the last vulnerabilities detected by syzbot: WARNING:...

5.5CVSS6.7AI score0.00136EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: llc: Makes llcuisendmsg more robust against changes related to bonding. syzbot was able to exploit llcuisendmsg, allocating a skb without sufficient headroom, and then attempting to append 14 bytes of Ethernet header information...

5.5CVSS6.2AI score0.0024EPSS
Exploits0References2
nessus
nessus
added 2026/05/20 12:0 a.m.10 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021602)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021602 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...

5.5CVSS5.8AI score0.00242EPSS
Exploits0References4
debiancve
debiancve
added 2026/05/08 2:22 p.m.6 views

CVE-2026-43456

In the Linux kernel, the following vulnerability has been resolved: bonding: fix type confusion in bondsetupbyslave kernel BUG at net/core/skbuff.c:2306! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:pskbexpandhead+0xa08/0xfe0 net/core/skbuff.c:2306 RSP: 0018:ffffc90004aff760 EFLAGS:...

7.8CVSS5.7AI score0.00157EPSS
Exploits0
nessus
nessus
added 2026/04/13 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-31419

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it f...

7.8CVSS6.9AI score0.00124EPSS
Exploits0References4
euvd
euvd
added 2026/04/03 6:31 p.m.14 views

EUVD-2026-18702

In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...

5.7AI score0.00441EPSS
Exploits0References5
nessus
nessus
added 2025/11/05 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989888)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989888 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...

5.5CVSS5.9AI score0.00242EPSS
Exploits0References4
nessus
nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988806 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 net: lapbether: only support...

5.5CVSS5.9AI score0.00242EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-54566

Malicious code in bioql PyPI...

7.8CVSS6AI score0.00281EPSS
Exploits0References9
osv
osv
added 2025/05/02 4:15 p.m.5 views

UBUNTU-CVE-2023-53103

In the Linux kernel, the following vulnerability has been resolved: bonding: restore bond's IFFSLAVE flag if a non-eth dev enslave fails syzbot reported a warning1 where the bond device itself is a slave and we try to enslave a non-ethernet device as the first slave which fails but then in the...

5.5CVSS6.3AI score0.00165EPSS
Exploits0References7
osv
osv
added 2025/02/26 2:24 a.m.13 views

CVE-2022-49667 net: bonding: fix use-after-free after 802.3ad slave unbind

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free after 802.3ad slave unbind commit 0622cab0341c "bonding: fix 802.3ad aggregator reselection", resolve case, when there is several aggregation groups in the same bond. bond3adunbindslave will...

7.8CVSS5.4AI score0.00281EPSS
Exploits0References11
osv
osv
added 2024/11/29 11:58 a.m.9 views

OESA-2024-2494 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb,...

7.8CVSS6.3AI score0.00309EPSS
Exploits0References36
nessus
nessus
added 2024/10/13 12:0 a.m.21 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-44990)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-44990 advisory. - In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in...

5.5CVSS6AI score0.00239EPSS
Exploits0References2
nessus
nessus
added 2024/09/24 12:0 a.m.25 views

CentOS 9 : kernel-5.14.0-511.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-511.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: pipe: wakeup wrwait after setting maxusage Commit c73be61cede5 pipe...

7CVSS6AI score0.00255EPSS
Exploits0References5
nessus
nessus
added 2024/09/18 12:0 a.m.28 views

Oracle Linux 7 : kernel (ELSA-2024-5259)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5259 advisory. 3.10.0-1160.119.1.0.3.el7.OL7 - net: fix dstnegativeadvice race Eric Dumazet Orabug: 36947298 3.10.0-1160.119.1.0.2.el7.OL7 - md/raid5: fix oops during...

7.8CVSS7.3AI score0.02701EPSS
Exploits1References3
nvd
nvd
added 2024/09/04 8:15 p.m.15 views

CVE-2024-44989

In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm realdev null pointer dereference We shouldn't set realdev to NULL because packets can be in transit and xfrm might call xdodevoffloadok in parallel. All callbacks assume realdev is set. Example trace: kernel: BU...

5.5CVSS0.00239EPSS
Exploits0References11
osv
osv
added 2024/09/04 8:15 p.m.7 views

AZL-48795 CVE-2024-44990 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bondipsecoffloadok We must check if there is an active slave before dereferencing the pointer...

5.5CVSS6.3AI score0.00239EPSS
Exploits0References1
Rows per page
Query Builder