CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 5 days ago•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: devlink: The region-snapshotlock was not held during snapshot flushing. Netdevsim triggers a segmentation fault when reloading, especially when destroying regions with snapshots pending: WARNING: CPU: 1 PID: 787 at...

5.7AI score0.00198EPSS

Exploits0References1

Tenable Nessus•added 6 days ago•5 views

Siemens RUGGEDCOM RST2428P Improper Update of Reference Count (CVE-2025-40251)

In the Linux kernel, the following vulnerability has been resolved: devlink: rate: Unset parent pointer in devlratenodesdestroy The function devlratenodesdestroy is documented to Unset parent for all rate objects. However, it was only calling the driver-specific rateleafparentset or...

5.5CVSS5.9AI score0.00123EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-45907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Fix deadlocks between devlink and netdev instance locks In the mentioned Fixes commit, various work tasks triggering devlink health reporter recovery...

SUSE CVE•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45907

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlocks between devlink and netdev instance locks In the mentioned "Fixes" commit, various work tasks triggering devlink health reporter recovery were switched to use netdevtrylock to protect against concurrent...

RedhatCVE•added 2026/05/28 2:3 a.m.•10 views

CVE-2026-45907

A flaw was found in the Linux kernel's mlx5e network driver. Incorrect lock ordering between devlink and netdev instance locks can lead to deadlocks. This issue can be triggered during various work tasks related to devlink health reporter recovery or concurrent channel tear down. A local attacker...

5.5CVSS5.8AI score0.00198EPSS

Exploits0References4

EUVD•added 2026/05/27 3:33 p.m.•9 views

EUVD-2026-32373

NVD•added 2026/05/27 2:17 p.m.•10 views

Exploits0References4

CVE-2026-45907

0.00198EPSS

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-45907

5.7AI score0.00198EPSS

Cvelist•added 2026/05/27 12:17 p.m.•35 views

CVE-2026-45907 net/mlx5e: Fix deadlocks between devlink and netdev instance locks

0.00198EPSS

Debian CVE•added 2026/05/27 12:17 p.m.•6 views

CVE-2026-45907

5.7AI score0.00198EPSS

Exploits0

CVE•added 2026/05/27 12:17 p.m.•13 views

CVE-2026-45907

CVE-2026-45907 : In the Linux kernel, the net/mlx5e subsystem could deadlock between devlink and netdev instance locks due to incorrect lock ordering during recovery. The fix moves netdev_trylock usage from high-level work handlers to the lower recovery functions where it’s actually required, ali...

CNNVD•added 2026/05/27 12:0 a.m.•7 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a deadlock issue between devlink and netdev instances. Due to an error in the lock order during t...

UbuntuCve•added 2026/05/27 12:0 a.m.•12 views

CVE-2026-45907

net/mlx5e: Fix deadlocks between devlink and netdev instance locks...

Positive Technologies•added 2026/05/27 12:0 a.m.•9 views

PT-2026-43774

OSV•added 2026/05/20 11:2 a.m.•5 views

Exploits0References4

SUSE-SU-2026:21737-1 Security update for iproute2

This update for iproute2 fixes the following issue - CVE-2024-58251: denial of service via terminal escape sequences bsc1254324. Changes for iproute2: - support display of bound but unconnected sockets bsc1204562. - avoid spurious cgroup warning bsc1234383. - add post-6.4 follow-up fixes...

2.5CVSS5.8AI score0.00238EPSS

Exploits0References7

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: fix buffer overflow in sja1105setupdevlinkregions If an error occurs in dsadevlinkregioncreate, then the array ‘priv-regions’ will be accessed using a negative index -1. This issue was identified by the Linux...

7.8CVSS6AI score0.00225EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ixgbe: fixed the premature call to devlinkfree in the ixgberemove function. Since devlinkfree is part of devlink, calling it prematurely in the ixgberemove function can lead to a Use-After-Free exception. This function has been...

5.3AI score0.00154EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux

A vulnerability was discovered in the Linux kernel. It has been classified as critical. This issue affects the devlinkparamset/devlinkparamget functions in the net/core/devlink.c file of the IPsec component. The vulnerability allows for exploitation after memory allocation. It is recommended that...

7.8CVSS6.3AI score0.00316EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Register devlink first under the devlink lock. If the device encounters a non-fatal firmware error during the probe, the driver will report the error to the user via devlink. This will trigger a WARN, since mlx5 calls...

5.5CVSS5.9AI score0.00225EPSS