231 matches found
CVE-2026-53001
A flaw was identified in the Linux kernel's netfilter xtables component. This vulnerability allowed certain network filtering rules, specifically those involving xtmac, xtowner, xtphysdev, and xtrealm matches, to be applied outside of their intended internet protocol IPv4 and IPv6 contexts. This...
CVE-2026-52942
In the Linux kernel, the following vulnerability has been resolved: netfilter: nflog: validate MAC header was set before dumping it The fallback path of dumpmacheader guards the MAC header access only with "skb-macheader != skb-networkheader", without checking skbmacheaderwasset. When the MAC...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: igb: Initialize the mailbox message for VF reset When a MAC address is not assigned to the VF, that portion of the message sent to the VF is not set. However, the memory is allocated from the stack, which means that information m...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt76: mt7996 – Fixed possible out-of-band OOB access in mt7996macwritetxwi80211. The frame length was checked before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid possible OOB access...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: usb: qmiwwan: Initialize the MAC header offset in qmimuxrxfixup Raw IP packets do not have a MAC header, resulting in skb-macheader being uninitialized. This can trigger kernel panics on ARM64 when xfrm or other subsystems...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: geneve: Do not assume that the MAC header is set in genevexmitskb. We should not assume that the MAC header is present in the output path. Instead, use skbethhdr instead of ethhdr to fix the issue. sysbot reported the followin...
CVE-2026-51845
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter...
EUVD-2026-38051
Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter...
CVE-2026-49196
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...
CVE-2024-27891
On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied...
CVE-2026-49196
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...
CVE-2026-49196 Predator Connect W6x: Web Interface Command Injection
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands...
kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets
A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...
kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets
A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs because the eui64mt6 function, which processes IPv6 packets, does not properly validate the MAC header for all packets. Specifically, packets with a zero fragment offset could bypass an existing guard, allowing...
ipv6: rpl: reserve mac_len headroom when recompressed SRH grows
...
CVE-2026-8263 Tenda AC6 httpd WifiExtraSet fromSetWirelessRepeat os command injection
A security flaw has been discovered in Tenda AC6 15.03.06.49multiTDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. It is possible to initiate the attack...
CVE-2026-43199
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5eipsecinitmacs by replacing mlx5querymacaddress with etheraddrcopy to get the local MAC address directly from...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the IPsec MAC address query in net mlx5e calling a sleep function within atomic context,...
Snap One Wattbox 信任管理问题漏洞
The Snap One Wattbox is a series of power solutions developed by Snap One Corporation. The Snap One WattBox 800 and 820, versions prior to 2.10.0.0, had a trust management vulnerability. This vulnerability stemmed from the inclusion of undisclosed diagnostic HTTP endpoints, which could allow...
CVE-2026-31685
In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6teui64: reject invalid MAC header for all packets eui64mt6 derives a modified EUI-64 from the Ethernet source address and compares it with the low 64 bits of the IPv6 source address. The existing guard only rejects ...