CVE-2026-53211

In the Linux kernel fix for CVE-2026-53211, the vulnerability stems from netfilter nft_meta_bridge where NFT_META_BRI_IIFHWADDR declares a 6-byte destination register, which is rounded up to two 32-bit registers (8 bytes). nft_meta_bridge_get_eval() performs memcpy(dest, br_dev->dev_addr, ETH_...

EUVD-2026-39302

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftmetabridge: fix stale stack leak via IIFHWADDR register NFTMETABRIIIFHWADDR declares its destination register with len = ETHALEN 6 bytes, which the register-init tracking rounds up to two 32-bit registers 8 bytes...

CVE-2026-52937

A flaw was found in the Linux kernel's tap driver. This vulnerability allows an attacker to potentially disclose sensitive kernel stack memory contents to userspace. The flaw occurs in the tapioctl function when handling the SIOCGIFHWADDR command, where uninitialized portions of a stack-allocated...

UBUNTU-CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: fixed a potential memory leak in octepdevicesetup. When errors such as unsupporteddev and mbox init occur, the variables oct-conf and iounmap oct-mmioi.hwaddr were not freed properly. This could lead to a memory leak...

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

CVE-2026-45844

In the Linux kernel, the following vulnerability has been resolved: netfilter: arptables: fix IEEE1394 ARP payload parsing Weiming Shi says: "arppacketmatch unconditionally parses the ARP payload assuming two hardware addresses are present source and target. However, IPv4-over-IEEE1394 ARP RFC 27...

CVE-2026-45844

Summary: CVE-2026-45844 affects the Linux kernel netfilter arp_tables on IEEE1394 (FireWire) interfaces. The vulnerability arises because arp_packet_match() unconditionally parses the ARP payload assuming both source and target hardware addresses exist, while IPv4-over-IEEE1394 ARP omits the targ...

CVE-2025-67114

The CVE-2025-67114 affects the Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware, where a deterministic credential generation in /ftl/bin/calc_f2 allows remote attackers to derive valid admin/root credentials from the MAC address, enabling authentication bypass and full device access. Mi...

CVE-2025-3654

Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an information disclosure vulnerability that allows unauthorized access to device hardware information by exploiting insecure API endpoints. Attackers can retrieve device serial numbers and MAC addresses through...

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

PT-2025-48965

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1280 and 2200 affected versions not specified Description An issue exists in the Camera component of Samsung Mobile Processors Exynos 1280 and 2200. An unnecessary registration of a hardware IP address within th...

CVE-2025-64385

CVE-2025-64385 affects Circutor TCPRS1plus. The issue arises when configuring the device via UDP through the manufacturer’s software, where any aspect of the initial configuration can be changed by the device’s MAC address without authentication. The vulnerability is observed in the UDP configura...

EUVD-2021-0144

Malware in sbrugna...

Google Android Information Disclosure Vulnerability (CNVD-2025-21348)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by a lack of permission checking in the audio service. An attacker can exploit the vulnerability to obtain the MAC address of a nearby...

i40e: Do not allow untrusted VF to remove administratively set MAC

...

CVE-2025-52054

An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...

Linux Distros Unpatched Vulnerability : CVE-2021-38598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a...