Lucene search
K

770 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/01 1:53 p.m.3 views

CVE-2026-31695

In the Linux kernel, the following vulnerability has been resolved: wifi: virtwifi: remove SETNETDEVDEV to avoid use-after-free Currently we execute SETNETDEVDEVdev, &priv-;lowerdev-dev for the virtwifi net devices. However, unregistering a virtwifi device in netdevruntodo can happen together wit...

5.8AI score0.00126EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/05/01 1:53 p.m.14 views

CVE-2026-31695

CVE-2026-31695 is a Linux kernel issue affecting the virt_wifi driver. The root cause is a race during unregistration where a device’s parent pointer could reference freed memory, causing a use-after-free during ethtool operations. The vulnerability arises from using SET_NETDEV_DEV(dev, &priv-&gt...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References7Affected Software1
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the virtwifi device to reallocate memory after release. This could lead to access to...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.10 views

SUSE CVE-2026-31494

In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...

4.4CVSS5.6AI score0.00129EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.8 views

SUSE CVE-2026-31505

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...

7CVSS5.8AI score0.00129EPSS
Exploits0References20
RedhatCVE
RedhatCVE
added 2026/04/22 7:45 p.m.6 views

CVE-2026-31505

A flaw was found in the Linux kernel's iavf driver. This vulnerability, an out-of-bounds write, occurs when a user simultaneously executes specific ethtool commands, specifically "ethtool -L" and "ethtool -S". This can lead to memory corruption, potentially causing a system crash and resulting in...

7.8CVSS5.3AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/22 7:20 p.m.6 views

CVE-2026-31494

A flaw was found in the Linux kernel's macb network driver. A local user can exploit this vulnerability due to an out-of-bounds write in the gemgetethtoolstats function. This occurs when the driver incorrectly copies data using the maximum number of queues instead of the active number, leading to...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/22 3:31 p.m.9 views

EUVD-2026-24864

In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...

5.6AI score0.00129EPSS
Exploits0References9
NVD
NVD
added 2026/04/22 2:16 p.m.6 views

CVE-2026-31505

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...

7.8CVSS0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/04/22 2:16 p.m.5 views

CVE-2026-31494

In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...

7.8CVSS0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/04/22 1:54 p.m.26 views

CVE-2026-31505

The CVE-2026-31505 issue affects the Linux kernel iavf driver: out-of-bounds writes occur because iavf_get_ethtool_stats() uses real_num_tx_queues for ETH_SS_STATS while other paths use num_tx_queues, enabling memory corruption when ethtool -L and ethtool -S run concurrently. The fix is to use im...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.30 views

CVE-2026-31505 iavf: fix out-of-bounds writes in iavf_get_ethtool_stats()

In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should use numtxqueues instead. Moreover iavfgetethtoolstats uses...

7.8CVSS0.00129EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.29 views

CVE-2026-31494 net: macb: use the current queue number for stats

In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gemgetssetcount correctly computes the number of stats based on the activ...

7.8CVSS0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/04/22 1:54 p.m.18 views

CVE-2026-31494

Technical details for CVE-2026-31494 are not publicly provided in the supplied documents; monitor for updates.

7.8CVSS5.6AI score0.00129EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34410

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the iavf driver where the iavf get ethtool stats function incorrectly uses the num active queues variable, while iavf get sset count and iavf get stat strings use real...

7.8CVSS5.2AI score0.00129EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/22 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the iavfgetethtoolstats function using realnumtxqueues, leading to out-of-bounds writes. This...

7.8CVSS7AI score0.00129EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-31505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iavf: fix out-of-bounds writes in iavfgetethtoolstats iavf incorrectly uses realnumtxqueues for ETHSSSTATS. Since the value could change in runtime, we should u...

7.8CVSS6.2AI score0.00129EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.6 views

PT-2026-34399

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A mismatch exists between the memory reserved for statistics and the amount of memory written in the macb network driver. The function gem get sset count calculates the number of...

9.8CVSS5.3AI score0.0049EPSS
Exploits0References470
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-007499)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007499 advisory. In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when...

6.4AI score0.00168EPSS
Exploits0References4
Rows per page
Query Builder