CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

CVE-2026-45844

CVE-2026-45844 affects the Linux kernel netfilter arp_tables by fixing IEEE1394 ARP payload parsing. The issue stemmed from arp_packet_match() assuming both source and target hardware addresses exist, causing it to read garbage on IEEE1394 (IPv4-over-IEEE1394, RFC 2734). The patch aligns arp_pack...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: fixed a potential memory leak in octepdevicesetup. When errors such as unsupporteddev and mbox init occur, the variables oct-conf and iounmap oct-mmioi.hwaddr were not freed properly. This could lead to a memory leak. T...

CVE-2025-67114

The CVE-2025-67114 affects the Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware, where a deterministic credential generation in /ftl/bin/calc_f2 allows remote attackers to derive valid admin/root credentials from the MAC address, enabling authentication bypass and full device access. Mi...

CVE-2025-3654

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to device hardware information by exploiting insecure API endpoints. Attackers can retrieve device serial numbers and MAC addresses through...

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

PT-2025-48965

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1280 and 2200 affected versions not specified Description An issue exists in the Camera component of Samsung Mobile Processors Exynos 1280 and 2200. An unnecessary registration of a hardware IP address within th...

CVE-2025-64385

CVE-2025-64385 affects Circutor TCPRS1plus. The issue arises when configuring the device via UDP through the manufacturer’s software, where any aspect of the initial configuration can be changed by the device’s MAC address without authentication. The vulnerability is observed in the UDP configura...

EUVD-2021-0144

Malware in sbrugna...

Google Android Information Disclosure Vulnerability (CNVD-2025-21348)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by a lack of permission checking in the audio service. An attacker can exploit the vulnerability to obtain the MAC address of a nearby...

i40e: Do not allow untrusted VF to remove administratively set MAC

...

CVE-2025-52054

An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...

Linux Distros Unpatched Vulnerability : CVE-2021-38598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a...

Malicious Package

Overview tizdppd is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for social...

Malicious Package

Overview duocafecomment is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for...

Malicious Package

Overview nblogduo is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a larger campaign targeting user credentials. It, and several other variations, masquerade as automation tools for socia...

CVE-2023-0346

Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could gain access to the Akuvox cloud and device if the MAC address of a device if known...

PT-2024-31833 · Motorola · Motorola Cx2

Name of the Vulnerable Software and Affected Versions: Motorola CX2L router versions 1.0.2 and below Description: A command injection issue exists, allowing malicious users to inject and execute arbitrary commands. This is due to the system directly invoking the system function to execute command...