Lucene search
K

32 matches found

CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53266

The CVE-2026-53266 entry concerns the Linux kernel netfilter bridge path, where ebt_snat ARP sender hardware address rewrite could be performed on non-writable memory. Root cause: ARP SHA is written via skb_store_bits() relative to skb->data, and skb_header_pointer() only safely reads the ARP ...

8.8CVSS5.7AI score0.00129EPSS
Exploits0References8
NVD
NVD
added 2026/05/01 3:16 p.m.7 views

CVE-2026-31752

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...

5.5CVSS0.00123EPSS
Exploits0References8
NVD
NVD
added 2026/05/01 3:16 p.m.6 views

CVE-2026-31738

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...

5.5CVSS0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/01 2:14 p.m.15 views

CVE-2026-31752

CVE-2026-31752 affects the Linux kernel bridge/networking path: br_nd_send validates IPv6 neighbor discovery options, and a malformed ND option could cause the parser to read beyond the intended option span or read an LLADDR payload that is too short. The issue is mitigated by option-length check...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/05/01 2:14 p.m.8 views

EUVD-2026-26565

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...

5.8AI score0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/01 2:14 p.m.9 views

EUVD-2026-26551

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...

5.8AI score0.00123EPSS
Exploits0References8
CVE
CVE
added 2026/05/01 2:14 p.m.16 views

CVE-2026-31738

CVE-2026-31738 concerns the Linux kernel vxlan code (vxlan_na_create) where ND option lengths are not properly validated. The flaw can cause the parser to advance beyond the option span or read an undersized LLADDR payload, enabling source address reading only when the option is large enough; imp...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/01 2:14 p.m.27 views

CVE-2026-31738 vxlan: validate ND option lengths in vxlan_na_create

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...

0.00123EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36373

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the vxlan na create function where ND options are processed based on lengths provided within the options. A malformed option can cause the parser to advance beyond the...

5.5CVSS5.3AI score0.00123EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-35973

Name of the Vulnerable Software and Affected Versions FreeRTOS-Plus-TCP versions prior to 4.2.6 FreeRTOS-Plus-TCP versions prior to 4.4.1 Description Insufficient packet validation allows an adjacent network actor to bypass checksum and minimum-size validation. This occurs because the loopback...

7.1CVSS5.8AI score0.00177EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.5 views

EulerOS 2.0 SP12 : libpcap (EulerOS-SA-2026-1399)

According to the versions of the libpcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must ...

1.9CVSS5.8AI score0.00098EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:7 p.m.5 views

CVE-2026-23070

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

5.1AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/01/22 10:14 a.m.3 views

SUSE-SU-2026:20120-1 Security update for libpcap

This update for libpcap fixes the following issues: - CVE-2025-11961: missing validation of provided MAC-48 address string in pcapetheraton can lead to out-of-bounds read and write bsc1255765...

1.9CVSS5.8AI score0.00098EPSS
Exploits0References3
OSV
OSV
added 2025/12/31 1:15 a.m.7 views

AZL-73344 CVE-2025-11961 affecting package nmap for versions less than 7.95-3

pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function...

1.9CVSS5.6AI score0.00098EPSS
Exploits0References1
OSV
OSV
added 2025/12/31 1:15 a.m.4 views

CVE-2025-11961

pcapetheraton is an auxiliary function in libpcap, it takes a string argument and returns a fixed-size allocated buffer. The string argument must be a well-formed MAC-48 address in one of the supported formats, but this requirement has been poorly documented. If an application calls the function...

1.9CVSS6.8AI score
Exploits0References1
Debian CVE
Debian CVE
added 2025/12/09 1:30 a.m.5 views

CVE-2023-53863

In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address 1 Replace ETHALEN by dev-addrlen. 1 Case of a device where dev-addrlen = 4 BUG: KMSAN:...

5.4AI score0.00223EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-1614

Malware in sbrugna...

2.9CVSS5.9AI score0.00728EPSS
Exploits0References9
CVE
CVE
added 2025/09/19 3:26 p.m.30 views

CVE-2025-39853

CVE-2025-39853 affects the Linux kernel i40e driver. The issue arises when the MAC list is empty, as list_first_entry() can return a pointer to an invalid object, risking invalid memory access upon use. The advisory notes the fix is to replace list_first_entry() with list_first_entry_or_null(), p...

7.1CVSS6.1AI score0.00152EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVE
added 2025/08/22 4:0 p.m.6 views

CVE-2025-38628

In the Linux kernel, the following vulnerability has been resolved: vdpa/mlx5: Fix release of uninitialized resources on error path The commit in the fixes tag made sure that mlx5vdpafree is the single entrypoint for removing the vdpa device resources added in mlx5vdpadevadd, even in the cleanup...

5.5CVSS5.3AI score0.00145EPSS
Exploits0
CVE
CVE
added 2025/08/19 5:2 p.m.44 views

CVE-2025-38569

CVE-2025-38569 (Linux kernel benet) arises from a bug in the be2net SR-IOV VF MAC address configuration flow where be_cmd_set_mac_list() calls dma_free_coherent() while still under spin_lock_bh, leading to a kernel crash (BUG at mm/vmalloc.c and OOPs) when SR-IOV VFs are created. The linked advis...

5.5CVSS7.1AI score0.0016EPSS
Exploits0References11Affected Software1
Rows per page
Query Builder