Lucene search
K

153 matches found

RedhatCVE
RedhatCVE
added 2025/12/31 12:17 p.m.14 views

CVE-2023-54223

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/30 3:30 p.m.5 views

EUVD-2023-60418

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

6.1AI score0.00155EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/30 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992469)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992469 advisory. In the Linux kernel, the following vulnerability has been resolved: xsk: Add missing overflow check in xdpumemreg The number of chunks can overflow u32. Make sure to...

5.5CVSS6.2AI score0.00183EPSS
Exploits0References4
OSV
OSV
added 2025/12/24 9:9 a.m.6 views

RLSA-2025:23279 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: cloneprivatemnt: make sure that caller has CAPSYSADMIN in the right userns CVE-2025-38499 kernel: net: tun: Update napi-skb after XDP process CVE-2025-39984 For more details about the...

7.8CVSS6.7AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/24 12:24 a.m.5 views

SUSE CVE-2025-68341

In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP nodirect return section to fix race As explain in commit fa349e396e48 "veth: Fix race with AFXDP exposing old or uninitialized descriptors" for veth there is a chance after napicompletedone that another CPU can...

5.5CVSS6.4AI score0.00158EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/12/23 1:58 p.m.29 views

CVE-2025-68341 veth: reduce XDP no_direct return section to fix race

In the Linux kernel, the following vulnerability has been resolved: veth: reduce XDP nodirect return section to fix race As explain in commit fa349e396e48 "veth: Fix race with AFXDP exposing old or uninitialized descriptors" for veth there is a chance after napicompletedone that another CPU can...

0.00158EPSS
Exploits0References3
CVE
CVE
added 2025/12/23 1:58 p.m.18 views

CVE-2025-68341

The CVE concerns a race in the Linux kernel veth path when using XDP with AF_XDP in threaded-NAPI mode. The root cause is a concurrency hazard in veth_pool() where two NAPI activations or teardowns may operate on the same BPF net context stored in the current task_struct after a PREEMPT_RT-relate...

6AI score0.00158EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/16 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40350

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: RX, Fix generating skb from non-linear xdpbuff for striding RQ XDP programs can change the layout of an xdpbuff through bpfxdpadjusttail and...

6.5AI score0.00168EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/11 8:21 a.m.11 views

kernel: bonding: check xdp prog when set bond mode

In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...

5.5CVSS5.7AI score0.00177EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989115)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989115 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPU...

5.5CVSS5.9AI score0.0022EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2025/10/16 11:24 p.m.5 views

SUSE CVE-2025-39984

In the Linux kernel, the following vulnerability has been resolved: net: tun: Update napi-skb after XDP process The syzbot report a UAF issue: BUG: KASAN: slab-use-after-free in skbresetmacheader include/linux/skbuff.h:3150 inline BUG: KASAN: slab-use-after-free in napifragsskb net/core/gro.c:723...

5.5CVSS6.5AI score0.00184EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2025/10/08 11:30 p.m.4 views

SUSE CVE-2023-53660

In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptrring The following warning was reported when running xdpredirectcpu with both skb-mode and stress-mode enabled: ------------ cut here ------------ Incorrect XDP memory type...

5.5CVSS5.3AI score0.00145EPSS
Exploits0References15
EUVD
EUVD
added 2025/10/07 3:21 p.m.4 views

EUVD-2025-32742

In the Linux kernel, the following vulnerability has been resolved: bpf, cpumap: Handle skb as well when clean up ptrring The following warning was reported when running xdpredirectcpu with both skb-mode and stress-mode enabled: ------------ cut here ------------ Incorrect XDP memory type...

6AI score0.00145EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.10 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414402 advisory. network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP eXpress Data Path, a code label was moved in a way allowing for SKBs...

7.8CVSS6.7AI score0.00349EPSS
Exploits0References3
OSV
OSV
added 2025/10/02 3:30 p.m.14 views

USN-7802-1 linux-azure, linux-azure-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

8.1CVSS6.4AI score0.00352EPSS
Exploits0References107
OSV
OSV
added 2025/10/01 11:45 a.m.6 views

CVE-2023-53499 virtio_net: Fix error unwinding of XDP initialization

In the Linux kernel, the following vulnerability has been resolved: virtionet: Fix error unwinding of XDP initialization When initializing XDP in virtnetopen, some rq xdp initialization may hit an error causing net device open failed. However, previous rqs have already initialized XDP and enabled...

5.5CVSS6.5AI score0.00146EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/10/01 12:0 a.m.5 views

PT-2025-40206

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel related to virtio net and the initialization of XDP. Specifically, an error during XDP initialization in virtnet open could lead to incomplete rollbac...

6.2AI score0.00146EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/10/01 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of XDP initialization errors, which could lead to a resource leak...

6.3AI score0.00146EPSS
Exploits0References5
OSV
OSV
added 2025/09/25 2:30 p.m.13 views

USN-7767-2 linux-realtime-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...

8.1CVSS6.7AI score0.00352EPSS
Exploits0References102
Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.9 views

Ubuntu Pro 24.04 LTS Realtime Kernel : Linux kernel (Real-time) vulnerabilities (USN-7767-1)

"The remote Ubuntu Pro 24.04 LTS Realtime Kernel host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7767-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

8.1CVSS7.1AI score0.00352EPSS
Exploits0References102
Rows per page
Query Builder