CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Tenable Nessus•added 2026/06/03 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-45865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return val from the i2c bus driver. For...

5.5CVSS5.8AI score0.00156EPSS

Exploits0References2

SUSE CVE•added 2026/05/28 3:57 a.m.•10 views

SUSE CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.8AI score0.00156EPSS

Exploits0References3

EUVD•added 2026/05/27 3:33 p.m.•8 views

EUVD-2026-32331

5.8AI score0.00156EPSS

Exploits0References7

NVD•added 2026/05/27 2:16 p.m.•9 views

CVE-2026-45865

5.5CVSS0.00156EPSS

Exploits0References6

CVE•added 2026/05/27 12:15 p.m.•20 views

CVE-2026-45865

The CVE-2026-45865 issue concerns the Linux kernel MCTP over I2C implementation. A read handling bug caused i2c reads from an mctp-i2c device to return 0xff instead of the data provided by the I2C bus driver, leaving the reads effectively biased to 0xff. The root cause is described as an uninitia...

5.5CVSS5.8AI score0.00156EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2026/05/27 12:0 a.m.•11 views

PT-2026-43732

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mctp-i2c device where i2c reads fail to initialize the event handler read bytes. This causes reads to return the val variable from the i2c bus driver. In the cases...

5.4AI score0.00156EPSS

Exploits0References15

NVD•added 2026/05/08 3:16 p.m.•13 views

CVE-2026-43457

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...

5.5CVSS0.00114EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2025-12948

Malicious code in bioql PyPI...

5.6AI score0.0014EPSS

Exploits0References3

Tenable Nessus•added 2025/08/24 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2022-49820

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the...

5.5CVSS5.2AI score0.0014EPSS

Exploits0References2

NVD•added 2025/05/01 3:16 p.m.•11 views

CVE-2022-49820

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: don't count unused / invalid keys for flow release We're currently hitting the WARNON in mctpi2cflowrelease: if midev-releasecount midev-i2clockcount WARNONCE1, "release count overflow"; This may be hit if we expire a...

5.5CVSS0.0014EPSS

Exploits0References2

OSV•added 2025/05/01 3:16 p.m.•5 views

DEBIAN-CVE-2022-49820

5.5CVSS5.4AI score0.0014EPSS

Exploits0References1

OSV•added 2025/05/01 3:16 p.m.•4 views

UBUNTU-CVE-2022-49820

5.5CVSS5.7AI score0.0014EPSS

Exploits0References5

OSV•added 2025/05/01 2:9 p.m.•9 views

CVE-2022-49820 mctp i2c: don't count unused / invalid keys for flow release

5.5CVSS5AI score0.0014EPSS

Exploits0References5

CVE•added 2025/05/01 2:9 p.m.•57 views

CVE-2022-49820

CVE-2022-49820 concerns the Linux kernel mctp i2c flow release logic. The issue arises when release_count > i2c_lock_count, triggering a WARN_ONCE due to expiring a flow before sending the first packet and not pairing the release increment with the i2c lock operation. The fix adds a guard: onl...

5.5CVSS6.5AI score0.0014EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/05/01 2:9 p.m.•13 views

CVE-2022-49820 mctp i2c: don't count unused / invalid keys for flow release

0.0014EPSS

Exploits0References2

Positive Technologies•added 2025/05/01 12:0 a.m.•6 views

PT-2025-18537

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the mctp i2c module. The issue arises when a flow is released before sending the first packet it contains, causing a...

5.5CVSS5.2AI score0.0014EPSS

Exploits0References15

BDU FSTEC•added 2025/03/27 12:0 a.m.•8 views

The vulnerability of the mctp_i2c_header_create() function in the drivers/net/mctp/mctp-i2c.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the mctpi2cheadercreate function in the drivers/net/mctp/mctp-i2c.c kernel module of the Linux operating system is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00244EPSS

Exploits0References14Affected Software6

SUSE CVE•added 2024/11/20 3:49 a.m.•5 views

SUSE CVE-2024-53043

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: handle NULL header address daddr can be NULL if there is no neighbour table entry present, in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case a packet is...

5.5CVSS7.7AI score0.00244EPSS

Exploits0References13

NVD•added 2024/11/19 6:15 p.m.•16 views

CVE-2024-53043

5.5CVSS0.00244EPSS

Exploits0References5

OSV•added 2024/11/19 6:15 p.m.•11 views

AZL-53876 CVE-2024-53043 affecting package kernel for versions less than 6.6.64.2-1

5.5CVSS6.3AI score0.00244EPSS

Exploits0References1

Rows per page