Lucene search
K

48 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: xfrm: Always flush the state and policy upon the NETDEVUNREGISTER event. syzbot reports that the refcount of “struct xfrmstate” is leaking. unregisternetdevice: Waiting for netdevsim0 to become free. Usage count = 2. reftracke...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the functions nftnetdevunregisterhooks and nftunregisterflowtablenethooks not using listdelrcu,...

7.8CVSS5.3AI score0.00119EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - Ice: Fixed the KASAN error in the LAG NETDEVUNREGISTER handler. Currently, the same handler is called for both the NETDEVBONDINGINFO LAG unlink notification and the NETDEVUNREGISTER call. This causes problems, as the...

5.5CVSS5.9AI score0.00288EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fixed the offload support for the NETDEVUNREGISTER event. The current macsec netdev notify handler handles the NETDEVUNREGISTER event by releasing relevant software resources only. This can lead to resource leaks in...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: OpenVSwitch: fixed the issue where locking occurred when trying to unregister a netdev with a carrier. The commit in the “fixes” tag attempted to fix this issue through the following sequence of calls: dooutput → ovsvportsend →...

5.5CVSS6.3AI score0.002EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.10 views

PT-2026-40686

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the lan78xx USB driver where a warning may be triggered in the netif napi del locked function during a USB device disconnect. This occurs because the netif napi del...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References14
NVD
NVD
added 2026/05/06 12:16 p.m.41 views

CVE-2026-43219

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Fix potential unregister of netdev that has not been registered yet If an error occurs during registernetdev for the first MAC in cpswregisterports, even though cpsw-slaves0.ndev is set to NULL, cpsw-slaves1.ndev...

5.5CVSS0.00128EPSS
Exploits0References8
OSV
OSV
added 2026/05/06 11:28 a.m.1 views

CVE-2026-43219 net: cpsw_new: Fix potential unregister of netdev that has not been registered yet

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Fix potential unregister of netdev that has not been registered yet If an error occurs during registernetdev for the first MAC in cpswregisterports, even though cpsw-slaves0.ndev is set to NULL, cpsw-slaves1.ndev...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.26 views

CVE-2026-43167 xfrm: always flush state and policy upon NETDEV_UNREGISTER event

In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that "struct xfrmstate" refcount is leaking. unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 2 reftracker:...

0.00127EPSS
Exploits0References5
OSV
OSV
added 2026/05/06 11:27 a.m.1 views

CVE-2026-43167 xfrm: always flush state and policy upon NETDEV_UNREGISTER event

In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that "struct xfrmstate" refcount is leaking. unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 2 reftracker:...

5.5CVSS5.9AI score0.00127EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-37507

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference count leak occurs in struct xfrm state within the Linux kernel. This issue arises because the xfrm dev unregister function was implemented as a no-op, even though xfrm dev...

5.5CVSS5.4AI score0.00127EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: always flush state and policy upon NETDEVUNREGISTER event syzbot is reporting that struct xfrmstate refcount is leaking. unregisternetdevice: waiting for...

5.5CVSS6.2AI score0.00127EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/01 2:15 p.m.32 views

CVE-2026-43012 net/mlx5: Fix switchdev mode rollback in case of failure

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...

0.00122EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/25 8:46 a.m.6 views

CVE-2026-31678

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...

5.2AI score0.00096EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.7 views

PT-2026-35138

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Open vSwitch component of the Linux kernel. The ovs netdev tunnel destroy function may execute after the NETDEV UNREGISTER process has already detached the...

7.8CVSS5.5AI score0.00096EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/03 6:38 p.m.6 views

CVE-2026-23436

A flaw was found in the Linux kernel's network shaper module. A race condition can occur when a network device netdev is unregistered while its hierarchy is being created. This timing issue may allow the system to allocate resources that are not properly released, leading to a memory leak...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/03 5:7 p.m.3 views

CVE-2026-23437

A flaw was found in the Linux kernel's net: shaper module. This vulnerability arises from a missing liveness check during Netlink operations when a network device netdev is referenced and subsequently accessed. If the netdev is unregistered before the access, it can lead to a use-after-free...

7.8CVSS5.9AI score0.00127EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/04/03 4:16 p.m.5 views

CVE-2026-23436

In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References5
CVE
CVE
added 2026/04/03 3:15 p.m.15 views

CVE-2026-23436

The CVE-2026-23436 issue affects the Linux kernel's net: shaper component. A race could occur when a netdev is unregistered between taking a reference during Netlink prep and locking/RCU in the callback, potentially leaking the hierarchy after a flush. The fix applies the instance lock in pre- st...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/31 11:38 a.m.35 views

CVE-2025-71182 can: j1939: make j1939_session_activate() fail if device is no longer registered

In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...

0.00156EPSS
Exploits0References7
Rows per page
Query Builder