CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: macsec: sync features on RTMNEWLINK Syzkaller was able to lock the lower device via ETHTOOLSFEATURES: - netdevlock, include/linux/netdevice.h: 2761 inline - netdevops, include/net/netdevlock.h: 42 inline -...

5.5CVSS5.8AI score0.0002EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/smc: Fixed NULL pointer dereferencing in smcvlanbytcpsk. Coverity reports a possible NULL dereferencing issue: In smcvlanbytcpsk: 6. returnednull: netdevlowergetnext returns NULL checked 29 out of 30 times. 7. varassigned:...

5.5CVSS6.5AI score0.00033EPSS

Exploits0References2

SUSE CVE•added 2026/04/23 1:25 a.m.•1 views

SUSE CVE-2026-31502

In the Linux kernel, the following vulnerability has been resolved: team: fix headerops type confusion with non-Ethernet ports Similar to commit 950803f72547 "bonding: fix type confusion in bondsetupbyslave" team has the same class of headerops type confusion. For non-Ethernet ports,...

7.8CVSS5.6AI score0.00015EPSS

Exploits0References3

NVD•added 2026/04/22 2:16 p.m.•0 views

CVE-2026-31502

7.8CVSS0.00015EPSS

Exploits0References4

CVE•added 2026/04/22 1:54 p.m.•6 views

CVE-2026-31502

CVE-2026-31502 : The connected sources detail a Linux kernel vulnerability involving a type confusion in the team network device’s header_ops for non-Ethernet ports. The root cause is that team_setup_by_port() can copy port_dev->header_ops and later callbacks (dev_hard_header/dev_parse_header)...

7.8CVSS5.6AI score0.00015EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/22 1:54 p.m.•26 views

CVE-2026-31502 team: fix header_ops type confusion with non-Ethernet ports

7.8CVSS0.00015EPSS

Exploits0References4

Tenable Nessus•added 2026/04/22 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-31502

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - team: fix headerops type confusion with non-Ethernet ports Similar to commit 950803f72547 bonding: fix type confusion in bondsetupbyslave team has the same clas...

7.8CVSS5.8AI score0.00015EPSS

Exploits0References4

Positive Technologies•added 2026/04/22 12:0 a.m.•3 views

PT-2026-34407

In the Linux kernel, the following vulnerability has been resolved: team: fix header ops type confusion with non-Ethernet ports Similar to commit 950803f72547 "bonding: fix type confusion in bond setup by slave" team has the same class of header ops type confusion. For non-Ethernet ports, team...

5.6AI score0.00015EPSS

Exploits0References5

RedHat Linux•added 2025/11/11 8:21 a.m.•2 views

kernel: ipvlan: Fix use-after-free in ipvlan_get_iflink().

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix use-after-free in ipvlangetiflink. syzbot presented an use-after-free report 0 regarding ipvlan and linkwatch. ipvlan does not hold a refcnt of the lower device unlike vlan and macvlan. If the linkwatch work is...

7.8CVSS5.7AI score0.00024EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-30856

Malicious code in bioql PyPI...

6.3AI score0.0002EPSS

Exploits0References3

SUSE CVE•added 2025/09/23 11:23 p.m.•1 views

SUSE CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS6.5AI score0.0002EPSS

Exploits0References3

NVD•added 2025/09/23 6:15 a.m.•2 views

CVE-2025-39874

5.5CVSS0.0002EPSS

Exploits0References2

OSV•added 2025/09/23 6:15 a.m.•2 views

DEBIAN-CVE-2025-39874

5.5CVSS5.4AI score0.0002EPSS

Exploits0References1

OSV•added 2025/09/23 6:15 a.m.•0 views

UBUNTU-CVE-2025-39874

5.5CVSS5.7AI score0.0002EPSS

Exploits0References5

CVE•added 2025/09/23 6:0 a.m.•9 views

CVE-2025-39874

CVE-2025-39874 - Linux kernel macsec feature synchronization race : The issue occurs in macsec feature updates where lower (real) and upper device feature states can become out of sync during ETHTOOL_SFEATURES handling, potentially causing a lock in the lower device while updating features. The r...

5.5CVSS6.1AI score0.0002EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/09/23 6:0 a.m.•4 views

CVE-2025-39874 macsec: sync features on RTM_NEWLINK

0.0002EPSS

Exploits0References2

Positive Technologies•added 2025/09/08 12:0 a.m.•1 views

PT-2025-39131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to MACsec feature synchronization on RTM NEWLINK events. Syzkaller identified a condition where the lower network device could become locked when...

5.5CVSS6.1AI score0.0002EPSS

Exploits0References18

SUSE CVE•added 2025/03/07 2:38 a.m.•1 views

SUSE CVE-2024-58071

In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g. adding veth0 if vlan1 was already added and veth0 is a lower of vlan1. This is not useful in...

5.5CVSS6.6AI score0.00023EPSS

Exploits0References16

OSV•added 2025/03/06 4:15 p.m.•1 views

AZL-59153 CVE-2024-58071 affecting package kernel for versions less than 5.15.180.1-1

5.5CVSS6.6AI score0.00023EPSS

Exploits0References1