CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

32 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: Rejects changes to vlan+srcmac xmithashpolicy when an XDP program is loaded. The function bondoptionmodeset already rejects changes to the mode that would make a loaded XDP program incompatible through bondxdpcheck...

5.5CVSS5.7AI score0.00018EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv4: The issue related to data races around sysctlfibmultipathhashpolicy has been fixed. When reading sysctlfibmultipathhashpolicy, it is possible for it to be changed concurrently. Therefore, we need to add READONCE to its...

4.7CVSS6.1AI score0.00062EPSS

Exploits0References1

Tenable Nessus•added 2026/04/08 12:0 a.m.•0 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006666)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006666 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctlfibmultipathhashpolicy. While reading...

4.7CVSS6.3AI score0.00062EPSS

Exploits0References4

Microsoft CVE•added 2026/03/26 8:6 a.m.•2 views

bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded

...

7.1CVSS5.8AI score0.00018EPSS

Exploits0

RedhatCVE•added 2026/03/25 5:34 p.m.•1 views

CVE-2026-23310

A flaw was found in the Linux kernel's bonding module. A local user could exploit this by changing the transmit hash policy xmithashpolicy to vlan+srcmac on a bonded network interface while an eXpress Data Path XDP program is active. This incompatible configuration change can lead to a kernel...

5.5CVSS5.7AI score0.00018EPSS

Exploits0References4

SUSE CVE•added 2026/03/25 4:56 p.m.•3 views

SUSE CVE-2026-23310

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmithashpolicy change when XDP is loaded bondoptionmodeset already rejects mode changes that would make a loaded XDP program incompatible via bondxdpcheck. However, bondoptionxmithashpolicyset has ...

5.5CVSS5.7AI score0.00018EPSS

Exploits0References3

EUVD•added 2026/03/25 12:30 p.m.•2 views

EUVD-2026-15252

5.7AI score0.00018EPSS

Exploits0References6

NVD•added 2026/03/25 11:16 a.m.•0 views

CVE-2026-23310

5.5CVSS0.00018EPSS

Exploits0References5

OSV•added 2026/03/25 11:16 a.m.•1 views

UBUNTU-CVE-2026-23310

5.5CVSS5.7AI score0.00018EPSS

Exploits0References8

UbuntuCve•added 2026/03/25 11:16 a.m.•2 views

CVE-2026-23310

5.5CVSS5.7AI score0.00018EPSS

Exploits0References7

Debian CVE•added 2026/03/25 10:27 a.m.•2 views

CVE-2026-23310

5.5CVSS5.2AI score0.00018EPSS

Exploits0

CVE•added 2026/03/25 10:27 a.m.•9 views

CVE-2026-23310

Summary: CVE-2026-23310 affects the Linux kernel bonding/kern XDP path. If a bond is in 802.3ad or balance-xor mode and an XDP program is loaded, changing xmit_hash_policy to vlan+srcmac can escape the existing guard, leaving bond->xdp_prog set and causing an incompatible state during tear-dow...

5.5CVSS5.7AI score0.00018EPSS

Exploits0References5Affected Software1

OSV•added 2026/03/25 10:27 a.m.•1 views

CVE-2026-23310 bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded

5.5CVSS5.7AI score0.00018EPSS

Exploits0References8

Cvelist•added 2026/03/25 10:27 a.m.•14 views

CVE-2026-23310 bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded

0.00018EPSS

Exploits0References5

Tenable Nessus•added 2026/03/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf/bonding: reject vlan+srcmac xmithashpolicy change when XDP is loaded bondoptionmodeset already rejects mode changes that would make a loaded XDP program...

5.5CVSS5.8AI score0.00018EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 9:3 a.m.•2 views

CVE-2024-39305

Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...

9.1CVSS6.8AI score0.00046EPSS

Exploits0References1

Positive Technologies•added 2026/01/01 12:0 a.m.•1 views

PT-2026-27675

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the bonding driver where changes to the xmit hash policy to vlan+srcmac are not properly restricted when an XDP program is loaded. Specifically, the...

7.8CVSS5.4AI score0.00022EPSS

Exploits0References74

SUSE CVE•added 2025/02/27 3:4 a.m.•1 views

SUSE CVE-2022-49579

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctlfibmultipathhashpolicy. While reading sysctlfibmultipathhashpolicy, it can be changed concurrently. Thus, we need to add READONCE to its readers...

5.5CVSS6.5AI score0.00062EPSS

Exploits0References7

OSV•added 2025/02/26 7:1 a.m.•1 views

DEBIAN-CVE-2022-49579

4.7CVSS5.3AI score0.00062EPSS

Exploits0References1

OSV•added 2025/02/26 7:1 a.m.•0 views

UBUNTU-CVE-2022-49579

4.7CVSS6.1AI score0.00062EPSS

Exploits0References6

Rows per page