94 matches found
CVE-2026-45930
In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...
Linux Distros Unpatched Vulnerability : CVE-2026-45930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Tren...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: fixed possible store tearing in neihperiodicwork. While reviewing a related syzbot report involving neihperiodicwork, I found that I forgot to add an annotation when deleting an RCU-protected item from a list. Readers use...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fixed the null-ptr-deref in neihtableclear. When the IPv6 module is initialized, an error occurs in the middle. This results in a kernel panic with the following error message: KASAN: Null-ptr-deref in range...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux
In the Linux kernel, the following vulnerability has been resolved: ipv4: A data race issue related to sysctlfibmultipathuseneigh has been fixed. When reading sysctlfibmultipathuseneigh, it is possible for the value to be changed concurrently. Therefore, we need to add READONCE to its read...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: Replace physindev with physinif in nfbridgeinfo. A skb can be added to the neigh-arpqueue while waiting for an arp reply. In this case, the skb-dev of the original skb may differ from the neigh-dev of the targe...
CVE-2026-23293
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If an IPv6...
CVE-2026-23293
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If an IPv6...
UBUNTU-CVE-2026-23293
In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If an IPv6...
CVE-2025-71133
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...
CVE-2025-71133
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...
CVE-2025-71133 RDMA/irdma: avoid invalid read in irdma_net_event
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...
CVE-2025-71133
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...
SUSE CVE-2023-54262
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is a erroneous leftover from original...
UBUNTU-CVE-2023-54262
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is a erroneous leftover from original...
PT-2025-54091
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the mlx5e module related to flow post action attributes. The code unnecessarily clones these attributes, leading to a use-after-free condition...
Linux Distros Unpatched Vulnerability : CVE-2023-54148
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Move representor neigh cleanup to profile cleanuptx For IP tunnel encapsulation in ECMP Equal-Cost Multipath mode, as the flow is duplicated to the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989076)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989076 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh...
SUSE CVE-2025-40074
In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dstdevrcu Change icmpv4xrlimallow, ipdefrag to prevent possible UAF. Change ipmrpreparexmit, ipmrqueuefwdxmit, ipmroutput, ipv4neighlookup to use lockdep enabled dstdevrcu...
AZL-68894 CVE-2025-40074 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dstdevrcu Change icmpv4xrlimallow, ipdefrag to prevent possible UAF. Change ipmrpreparexmit, ipmrqueuefwdxmit, ipmroutput, ipv4neighlookup to use lockdep enabled dstdevrcu...