CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Fixed NULL pointer dereferencing in smcvlanbytcpsk. Coverity reports a possible NULL dereferencing issue: - In smcvlanbytcpsk: - 6. returnednull: netdevlowergetnext returns NULL checked 29 out of 30 times. - 7...

5.5CVSS6.2AI score0.0021EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: macsec: sync features on RTMNEWLINK Syzkaller was able to lock the lower device via ETHTOOLSFEATURES: - netdevlock, include/linux/netdevice.h: 2761 inline - netdevops, include/net/netdevlock.h: 42 inline -...

5.5CVSS5.6AI score0.00119EPSS

Exploits0References2

SUSE CVE•added 2026/04/23 1:25 a.m.•2 views

SUSE CVE-2026-31502

In the Linux kernel, the following vulnerability has been resolved: team: fix headerops type confusion with non-Ethernet ports Similar to commit 950803f72547 "bonding: fix type confusion in bondsetupbyslave" team has the same class of headerops type confusion. For non-Ethernet ports,...

7.8CVSS5.6AI score0.00129EPSS

Exploits0References3

NVD•added 2026/04/22 2:16 p.m.•2 views

CVE-2026-31502

7.8CVSS0.00129EPSS

Exploits0References4

Cvelist•added 2026/04/22 1:54 p.m.•28 views

CVE-2026-31502 team: fix header_ops type confusion with non-Ethernet ports

7.8CVSS0.00129EPSS

Exploits0References4

CVE•added 2026/04/22 1:54 p.m.•10 views

CVE-2026-31502

CVE-2026-31502 : The connected sources detail a Linux kernel vulnerability involving a type confusion in the team network device’s header_ops for non-Ethernet ports. The root cause is that team_setup_by_port() can copy port_dev->header_ops and later callbacks (dev_hard_header/dev_parse_header)...

7.8CVSS5.6AI score0.00129EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/04/22 12:0 a.m.•5 views

PT-2026-34407

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A type confusion issue exists in the team module when handling non-Ethernet ports. The team setup by port function copies port dev-header ops directly. Consequently, when the team device...

7.8CVSS5.5AI score0.00129EPSS

Exploits0References15

Tenable Nessus•added 2026/04/22 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - team: fix headerops type confusion with non-Ethernet ports Similar to commit 950803f72547 bonding: fix type confusion in bondsetupbyslave team has the same clas...

7.8CVSS5.8AI score0.00129EPSS

Exploits0References4

RedHat Linux•added 2025/11/11 8:21 a.m.•3 views

kernel: ipvlan: Fix use-after-free in ipvlan_get_iflink().

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlangetiflink. syzbot presented an use-after-free report 0 regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If the linkwatch work is...

7.8CVSS5.7AI score0.00204EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-30856

Malicious code in bioql PyPI...

6.3AI score0.00119EPSS

Exploits0References3

SUSE CVE•added 2025/09/23 11:23 p.m.•1 views

SUSE CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS6.5AI score0.00119EPSS

Exploits0References3

NVD•added 2025/09/23 6:15 a.m.•4 views

CVE-2025-39874

5.5CVSS0.00119EPSS

Exploits0References2

OSV•added 2025/09/23 6:15 a.m.•2 views

DEBIAN-CVE-2025-39874

5.5CVSS5.4AI score0.00119EPSS

Exploits0References1

OSV•added 2025/09/23 6:15 a.m.•1 views

UBUNTU-CVE-2025-39874

5.5CVSS5.7AI score0.00119EPSS

Exploits0References5

Cvelist•added 2025/09/23 6:0 a.m.•6 views

CVE-2025-39874 macsec: sync features on RTM_NEWLINK

0.00119EPSS

Exploits0References2

CVE•added 2025/09/23 6:0 a.m.•15 views

CVE-2025-39874

CVE-2025-39874 - Linux kernel macsec feature synchronization race : The issue occurs in macsec feature updates where lower (real) and upper device feature states can become out of sync during ETHTOOL_SFEATURES handling, potentially causing a lock in the lower device while updating features. The r...

5.5CVSS6.1AI score0.00119EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2025/09/08 12:0 a.m.•2 views

PT-2025-39131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to MACsec feature synchronization on RTM NEWLINK events. Syzkaller identified a condition where the lower network device could become locked when...

5.5CVSS6.1AI score0.00119EPSS

Exploits0References18

SUSE CVE•added 2025/03/07 2:38 a.m.•1 views

SUSE CVE-2024-58071

In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was already added and veth0 is a lower of vlan1. This is not useful in...

5.5CVSS6.6AI score0.00146EPSS

Exploits0References16

OSV•added 2025/03/06 4:15 p.m.•3 views

AZL-59153 CVE-2024-58071 affecting package kernel for versions less than 5.15.180.1-1

5.5CVSS6.6AI score0.00146EPSS

Exploits0References1