CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

509 matches found

OSV•added 2025/02/27 8:0 p.m.•7 views

CVE-2025-21806 net: let net.core.dev_weight always be non-zero

In the Linux kernel, the following vulnerability has been resolved: net: let net.core.devweight always be non-zero The following problem was encountered during stability test: NULL netdevice: NAPI poll function processbacklog+0x0/0x530 \ returned 1, exceeding its budget of 0. ------------ cut her...

5.5CVSS6.1AI score0.00032EPSS

Exploits0References13

SUSE CVE•added 2025/02/27 3:11 a.m.•2 views

SUSE CVE-2022-49131

In the Linux kernel, the following vulnerability has been resolved: ath11k: fix kernel panic during unload/load ath11k modules Call netifnapidel from ath11kahbfreeextirq to fix the following kernel panic when unload/load ath11k modules for few iterations. 971.201365 Unable to handle kernel paging...

5.5CVSS6.5AI score0.00024EPSS

Exploits0References7

NVD•added 2025/02/26 7:1 a.m.•8 views

CVE-2022-49672

In the Linux kernel, the following vulnerability has been resolved: net: tun: unlink NAPI from device on destruction Syzbot found a race between tun file and device destruction. NAPIs live in struct tunfile which can get destroyed before the netdev so we have to del them explicitly. The current...

5.5CVSS0.00009EPSS

Exploits0References6

OSV•added 2025/02/26 7:0 a.m.•1 views

UBUNTU-CVE-2022-49131

5.5CVSS6.2AI score0.00024EPSS

Exploits0References8

CVE•added 2025/02/26 2:24 a.m.•80 views

CVE-2022-49672

CVE-2022-49672 refers to a race condition in the Linux kernel’s network/tun path: when destroying a tunNAPI object, the NAPI in the tun_file struct can be destroyed before the netdev, requiring explicit deletion of the NAPI. Syzbot observed this race as the queue was detached, enabling a potentia...

5.5CVSS5.3AI score0.00009EPSS

Exploits0References6Affected Software1

Debian CVE•added 2025/02/26 2:24 a.m.•4 views

CVE-2022-49672

5.5CVSS5.5AI score0.00009EPSS

Exploits0

Cvelist•added 2025/02/26 2:24 a.m.•14 views

CVE-2022-49672 net: tun: unlink NAPI from device on destruction

0.00009EPSS

Exploits0References6

OSV•added 2025/02/26 2:24 a.m.•7 views

CVE-2022-49672 net: tun: unlink NAPI from device on destruction

5.5CVSS5.1AI score0.00009EPSS

Exploits0References9

AstraLinux•added 2025/02/11 7:35 a.m.•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: gve: Clearing napi-skb before devkfreeskbany In gverxfreeskb, napi-skb is incorrectly left referencing an skb after it is freed using devkfreeskbany. This can result in a subsequent call to napigetfrags returning a dangling...

5.5CVSS6.1AI score0.0001EPSS

Exploits0References3

AstraLinux•added 2025/02/11 7:35 a.m.•1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: net: mana: Fixed error handling in manacreatetxq/rxq’s NAPI cleanup Currently, the napidisable function is called during the cleanup of rxq and txq, even before napi is enabled and hrtimer is initialized. This causes a kernel...

5.5CVSS6.5AI score0.00013EPSS

Exploits0References3

OSV•added 2025/02/06 2:47 p.m.•4 views

CLSA-2025-1738853271 Fix of 54 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrumacltcam: Fix NULL pointer dereference in error path CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndopollcontroller optional - bonding: use netpollpolldev helper - netpoll: do not test...

7.8CVSS7AI score0.00038EPSS

Exploits1References1

OSV•added 2025/02/06 2:40 p.m.•4 views

CLSA-2025-1738852812 Fix of 54 CVEs

7.8CVSS7AI score0.00038EPSS

Exploits1References1

SUSE Linux•added 2025/01/24 10:10 a.m.•1 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. CVE-2022-48742: rtnetlink: make sure to refresh masterdev/mops in...

8.8CVSS8.3AI score0.02589EPSS

Exploits2References408

RedhatCVE•added 2025/01/21 5:29 p.m.•5 views

CVE-2025-21659

In the Linux kernel, the following vulnerability has been resolved: netdev: prevent accessing NAPI instances from another namespace The NAPI IDs were not fully exposed to user space prior to the netlink API, so they were never namespaced. The netlink API must ensure that at the very least NAPI...

5.5CVSS6.8AI score0.00017EPSS

Exploits0References4

NVD•added 2025/01/21 1:15 p.m.•5 views

CVE-2025-21659

5.5CVSS0.00017EPSS

Exploits0References2

OSV•added 2025/01/21 1:15 p.m.•1 views

DEBIAN-CVE-2025-21659

5.5CVSS5.6AI score0.00017EPSS

Exploits0References1

OSV•added 2025/01/21 1:15 p.m.•0 views

UBUNTU-CVE-2025-21659

5.5CVSS6.2AI score0.00017EPSS

Exploits0References21

CVE•added 2025/01/21 12:18 p.m.•3000 views

CVE-2025-21659

CVE-2025-21659 relates to the Linux kernel where the netdev subsystem previously allowed NAPI instances to be accessed across different network namespaces. The underlying issue was that NAPI IDs were not fully namespace-aware before the netlink API, allowing potential cross-namespace exposure of ...

5.5CVSS6.5AI score0.00017EPSS

Exploits0References2Affected Software1

Debian CVE•added 2025/01/21 12:18 p.m.•8 views

CVE-2025-21659

5.5CVSS5.6AI score0.00017EPSS

Exploits0

Cvelist•added 2025/01/21 12:18 p.m.•10 views

CVE-2025-21659 netdev: prevent accessing NAPI instances from another namespace

0.00017EPSS

Exploits0References2

Rows per page