7 matches found
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: bonding: Fix for use-after-free after 802.3ad slave unbind Commit 0622cab0341c “bonding: fix 802.3ad aggregator reselection” resolves a issue where, when there are several aggregation groups within the same bond,...
CVE-2026-43441
In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If bonding...
Linux Distros Unpatched Vulnerability : CVE-2026-31419
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it f...
CVE-2026-23212
CVE-2026-23212 affects the Linux kernel bonding driver where slave->last_rx (and target_last_arp_rx) data could be read/write locklessly, causing data races. The fix annotates these fields with READ_ONCE() and WRITE_ONCE(), addressing a KCSAN data race in bond_rcv_validate and related paths. C...
Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices NULL Pointer Dereference (CVE-2024-44990)
In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bondipsecoffloadok We must check if there is an active slave before dereferencing the pointer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...
Linux Distros Unpatched Vulnerability : CVE-2023-53103
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bonding: restore bond's IFFSLAVE flag if a non-eth dev enslave fails syzbot reported a warning1 where the bond device itself is a slave and we try to enslave a...
Vulnerability of the bond_3ad_unbind_slave() function in the drivers/net/bonding/bond_3ad.c module – The Linux kernel network device driver support module, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.
Vulnerability of the bond3adunbindslave function in the drivers/net/bonding/bond3ad.c module – Linux kernel-based device support drivers are vulnerable due to the repeated use of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...