CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

UBUNTU-CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

9.8CVSS5.7AI score0.00507EPSS

Exploits0References8

NVD•added 4 days ago•5 views

CVE-2026-53247

9.8CVSS0.00507EPSS

Exploits0References5

EUVD•added 4 days ago•5 views

EUVD-2026-39198

5.7AI score0.00507EPSS

Exploits0References5

CVE•added 4 days ago•9 views

CVE-2026-53247

CVE-2026-53247: Linux kernel MTK ethernet driver (mtk_eth_soc) fix for use-after-free in metadata_dst teardown. mtk_free_dev() previously called metadata_dst_free() (kfree’d immediately, bypassing RCU). In RX, skb_dst_set_noref() kept non-refcounted pointers to metadata_dst; freed memory could ra...

9.8CVSS5.7AI score0.00507EPSS

Exploits0References5

Debian CVE•added 4 days ago•3 views

CVE-2026-53247

9.8CVSS5.7AI score0.00507EPSS

Exploits0

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Netwerk: Ethernet: mtkethsoc: fixed SER panic with 4GB+ RAM If the mtkpollrx function detects the MTKRESETTING flag, it will jump to releasedesc and refill the high word of the SDP on the 4GB RFB. Subsequently, mtkrxclean will...

5.5CVSS6.4AI score0.00159EPSS

Exploits0References2

EUVD•added 2026/05/01 2:14 p.m.•9 views

EUVD-2026-26549

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkppe: avoid NULL deref when gmac0 is disabled If the gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer deref and crash the system. This happens because eth-netdev0 will be NULL...

5.8AI score0.00122EPSS

Exploits0References4

CVE•added 2026/05/01 2:14 p.m.•13 views

CVE-2026-31736

CVE-2026-31736 affects the Linux kernel MTK PPE Ethernet driver. When the gmac0 interface is disabled, a precheck for a valid ingress device can dereference a NULL pointer (eth->netdev[0] is NULL) and crash the system. The underlying issue is that the code was only checking the first net_devic...

5.5CVSS5.8AI score0.00122EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/05/01 2:14 p.m.•30 views

CVE-2026-31736 net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled

0.00122EPSS

Exploits0References4

RedhatCVE•added 2026/03/25 6:13 p.m.•2 views

CVE-2026-23284

A flaw was found in the Linux kernel's mtkethsoc driver. This vulnerability occurs when an error in the mtkopen routine within mtkxdpsetup leads to an incorrect reset of the eBPF Extended Berkeley Packet Filter program pointer without properly decreasing its reference count. This improper resourc...

5.7AI score0.00123EPSS

Exploits0References4

EUVD•added 2026/03/25 12:30 p.m.•1 views

EUVD-2026-15208

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Reset prog ptr to oldprog in case of error in mtkxdpsetup Reset eBPF program pointer to oldprog and do not decrease its ref-count if mtkopen routine in mtkxdpsetup fails...

5.6AI score0.00123EPSS

Exploits0References7

OSV•added 2026/03/25 11:16 a.m.•4 views

UBUNTU-CVE-2026-23284

5.5CVSS5.7AI score0.00123EPSS

Exploits0References9

CVE•added 2026/03/25 10:26 a.m.•20 views

CVE-2026-23284

Technical details for CVE-2026-23284 are not publicly provided in the supplied documents; none of the connected advisories describe affected product/version or fix for this CVE. Monitor for updates.

5.5CVSS5.6AI score0.00123EPSS

Exploits0References6Affected Software1

OSV•added 2026/03/25 10:26 a.m.•6 views

CVE-2026-23284 net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()

5.5CVSS5.7AI score0.00123EPSS

Exploits0References9

Tenable Nessus•added 2026/01/05 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2023-54240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ethernet: mtkethsoc: fix possible NULL pointer dereference in mtkhwlrogetfdirall rulelocs is allocated in ethtoolgetrxnfc and the size is determined by...

6AI score0.00177EPSS

Exploits0References2

Positive Technologies•added 2026/01/01 12:0 a.m.•5 views

PT-2026-27649

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to ethernet functionality within the mtk eth soc module. Specifically, the issue concerns the handling of the eBPF program pointer during the mt...

5.5CVSS5.8AI score0.00123EPSS

Exploits0References21

SUSE CVE•added 2025/12/31 12:27 a.m.•3 views

SUSE CVE-2023-54240

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible NULL pointer dereference in mtkhwlrogetfdirall rulelocs is allocated in ethtoolgetrxnfc and the size is determined by rulecnt from user space. So rulecnt needs to be check before using...

5.5CVSS6.5AI score0.00177EPSS

Exploits0References17

UbuntuCve•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54240

5.9AI score0.00177EPSS

Exploits0References10

OSV•added 2025/12/30 1:16 p.m.•4 views

UBUNTU-CVE-2023-54240

5.7AI score0.00177EPSS

Exploits0References11

CVE•added 2025/12/30 12:11 p.m.•19 views

CVE-2023-54240

The CVE-2023-54240 issue is a Linux kernel NULL pointer dereference in the MTK ethernet driver (net: ethernet: mtk_eth_soc) during fdir all handling in mtk_hwlro_get_fdir_all(). The root cause is that rule_locs is allocated based on rule_cnt from user space in ethtool_get_rxnfc, and rule_cnt is n...

6AI score0.00177EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by