Lucene search
K

237 matches found

Amazon
Amazon
added 2026/07/08 12:0 a.m.7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit CVE-2026-23449 In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes CVE-2026-31449 In the Linux...

9.8CVSS6AI score0.00742EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53270

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module...

7.8CVSS6AI score0.00129EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.17 views

CVE-2026-53270

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

7.8CVSS0.00129EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.14 views

CVE-2026-53270

The CVE-2026-53270 issue affects the Linux kernel IP Virtual Server (IPVS). During ip_vs_edit_service(), unbinding the old scheduler did not clear the svc->scheduler pointer early enough, so packets could reference freed sched_data after the RCU grace period. The documented fix clears the poin...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53270

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53270 ipvs: clear the svc scheduler ptr early on edit

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed the NULL pointer dereference in the route error path of ipv4 null-ptr-deref. The IPv4 code path in ipvsgetoutrt calls dstlinkfailure, without ensuring that skb-dev is set. This leads to a NULL pointer dereference in...

6AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.14 views

SUSE CVE-2026-45850

In the Linux kernel, the following vulnerability has been resolved: ipvs: skip ipv6 extension headers for csum checks Protocol checksum validation fails for IPv6 if there are extension headers before the protocol header. iph-len already contains its offset, so use it to fix the problem...

5.8AI score0.0016EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-45917

In the Linux kernel, the following vulnerability has been resolved: ipvs: do not keep destdst if dev is going down There is race between the netdev notifier ipvsdstevent and the code that caches dst with dev that is going down. As the FIB can be notified for the closed device after our handler...

5.5CVSS0.00122EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/27 12:17 p.m.9 views

CVE-2026-45917

In the Linux kernel, the following vulnerability has been resolved: ipvs: do not keep destdst if dev is going down There is race between the netdev notifier ipvsdstevent and the code that caches dst with dev that is going down. As the FIB can be notified for the closed device after our handler...

5.5CVSS5.7AI score0.00122EPSS
Exploits0
CVE
CVE
added 2026/05/27 12:17 p.m.38 views

CVE-2026-45917

The CVE-2026-45917 issue affects the Linux kernel IP Virtual Server (IPVS) component, where a race between the netdev notifier and the destination cache for a closing device could leak a device reference until the destination is removed. Root cause: the code caches dest_dst with a device that is ...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/27 12:15 p.m.25 views

CVE-2026-45850

CVE-2026-45850 pertains to the Linux kernel vulnerability where protocol checksum validation for IPv6 could fail if there are extension headers before the IPv6 header. The confirmed fix uses iph->len as the offset to skip extension headers when performing checksum validation. Technical details...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ipvs module failing to skip the extended header when calculating the IPv6 checksum. This coul...

5.8AI score0.0016EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.15 views

PT-2026-43717

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Protocol checksum validation fails for IPv6 when extension headers are present before the protocol header. The issue occurs because the system does not correctly skip these extension...

5.5AI score0.0016EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-45917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipvs: do not keep destdst if dev is going down There is race between the netdev notifier ipvsdstevent and the code that caches dst with dev that is going down. ...

5.5CVSS6.3AI score0.00122EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.22 views

PT-2026-43784

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the netdev notifier ip vs dst event and the code responsible for caching the destination dst when a device is going down. Because the Forwarding Informati...

5.5CVSS5.5AI score0.00122EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an undefined behavior due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator...

5.5CVSS6.5AI score0.00224EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ipvs: fixed an error in ipvscleanupbatch. During the initialization of ipvsconnnetinit, if the files ipvsconn or ipvsconnsync fail to be created, the initialization is successful by default. Therefore, the ipvsconn or...

5.5CVSS6.2AI score0.00173EPSS
Exploits0References2
Amazon
Amazon
added 2026/05/14 12:0 a.m.13 views

Medium: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output CVE-2023-53188 In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ipvsaddservice CVE-2024-42322 In the Linux kernel, the...

7.1CVSS5.9AI score0.00227EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/06 7:40 a.m.42 views

CVE-2026-43086 ipvs: fix NULL deref in ip_vs_add_service error path

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix NULL deref in ipvsaddservice error path When ipvsbindscheduler succeeds in ipvsaddservice, the local variable sched is set to NULL. If ipvsstartestimator subsequently fails, the outerr cleanup calls...

0.00122EPSS
Exploits0References5
Rows per page
Query Builder