CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check the confirmed bit in brnflocalin after confirmation. When sending a broadcast packet to a tap device, which is added to a bridge, the brnflocalin function is called to confirm the conntrack. I...

5.5CVSS5.3AI score0.00136EPSS

Exploits0References2

Cvelist•added 2025/10/01 7:42 a.m.•6 views

CVE-2025-39894 netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check confirmed bit in brnflocalin after confirm When send a broadcast packet to a tap device, which was added to a bridge, brnflocalin is called to confirm the conntrack. If another conntrack with...

0.00136EPSS

Exploits0References6

CVE•added 2025/10/01 7:42 a.m.•13 views

CVE-2025-39894

CVE-2025-39894 affects the Linux kernel netfilter bridge path (br_netfilter) specifically br_nf_local_in(). The issue arises when a broadcast packet to a tap device added to a bridge triggers br_nf_local_in() to confirm a conntrack; if another conntrack with the same hash is added, a warning may ...

5.5CVSS5.8AI score0.00136EPSS

Exploits0References7Affected Software1

SUSE CVE•added 2024/10/22 2:23 p.m.•2 views

SUSE CVE-2022-48974

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: fix using thiscpuadd in preemptible Currently in nfconntrackhashcheckinsert, when it fails in nfctextvalidpre/post, NFCTSTATINC will be called in the preemptible context, a call trace can be triggered: BUG:...

5.5CVSS6AI score0.00203EPSS

Exploits0References3