Lucene search
+L

538 matches found

RedHat Linux
RedHat Linux
added 2026/04/06 8:9 a.m.6 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References5
OSV
OSV
added 2026/04/06 7:54 a.m.5 views

BIT-MONGODB-2026-4358 Memory safety issues in slot-based execution hash table spill

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

7.5CVSS6AI score0.00342EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/04/01 1:15 a.m.7 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS6AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/30 3:45 p.m.13 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/30 11:32 a.m.9 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/30 11:5 a.m.10 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS5.9AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/30 10:58 a.m.12 views

kernel: macvlan: fix error recovery in macvlan_common_newlink()

A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...

7.8CVSS5.9AI score0.00119EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/25 5:20 p.m.8 views

CVE-2026-23331

A flaw was found in the Linux kernel's handling of User Datagram Protocol UDP sockets. When an auto-bound UDP socket is connected and subsequently disconnected, it may not be properly unhashed from the 4-tuple hash table. This oversight can lead to the accumulation of stale entries, potentially...

3.3CVSS5.7AI score0.00121EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/25 4:56 p.m.6 views

SUSE CVE-2026-23331

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/03/25 11:16 a.m.5 views

CVE-2026-23331

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.5CVSS0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.12 views

CVE-2026-23331

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
CVE
CVE
added 2026/03/25 10:27 a.m.20 views

CVE-2026-23331

The CVE-2026-23331 issue concerns the Linux kernel UDP 4-tuple hash table: when an auto-bound UDP socket is bound, connected, and then disconnected, the socket may be moved to a new hash slot without removing the old entry, leaving garbage in the 4-tuple chain. The fix is to remove such a socket ...

5.5CVSS5.6AI score0.00121EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/25 10:27 a.m.4 views

CVE-2026-23331 udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected.

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to remove automatically bound connected sockets from the 4-tuple hash table when they...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/03/17 8:16 p.m.10 views

CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

7.5CVSS0.00342EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/17 7:0 p.m.2 views

CVE-2026-4358 Memory safety issues in slot-based execution hash table spill

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS6AI score0.00342EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/17 7:0 p.m.25 views

CVE-2026-4358 Memory safety issues in slot-based execution hash table spill

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS0.00342EPSS
Exploits1References1
CVE
CVE
added 2026/03/17 7:0 p.m.36 views

CVE-2026-4358

CVE-2026-4358 affects MongoDB's slot-based execution (SBE) engine. A specially crafted aggregation query using $lookup, issued by an authenticated user with write privileges, can trigger a double-free or use-after-free in the in-memory hash table that is spilled to disk, creating a memory-safety ...

7.5CVSS6AI score0.00342EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/17 7:0 p.m.4 views

CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS6AI score0.00342EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2026/03/17 7:0 p.m.2 views

CVE-2026-4358 Memory safety issues in slot-based execution hash table spill

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.1CVSS6.1AI score0.00342EPSS
Exploits1References3
Rows per page
Query Builder