CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed handling of incorrect devices during the bond netevent process. The current implementation of the bond netevent handler only checks whether the handled netdev is a VF representative. However, there is no check...

5.5CVSS6.2AI score0.00235EPSS

Exploits0References2

OSV•added 2026/01/14 3:16 p.m.•3 views

UBUNTU-CVE-2025-71133

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdmanetevent irdmanetevent should not dereference anything from "neigh" alias "ptr" until it has checked that the event is NETEVENTNEIGHUPDATE. Other events come with different structures pointe...

7.1CVSS5.7AI score0.00153EPSS

Exploits0References37

Tenable Nessus•added 2025/11/05 12:0 a.m.•0 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989469)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989469 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond...

5.5CVSS6AI score0.00235EPSS

Exploits0References4

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986882)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986882 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond...

5.5CVSS6AI score0.00235EPSS

Exploits0References4

Hacker One•added 2025/08/30 2:49 a.m.•6 views

PlayStation: Double fdrop on a socket through sys_netcontrol

The netcontrol syscall in the kernel had a vulnerability where the socket file descriptor was not properly validated when removing a socket from a netevent structure. This allowed an attacker to cause a double fdrop on a socket, potentially leading to a use-after-free condition...

5.4AI score

Exploits0

OSV•added 2025/07/03 9:15 a.m.•1 views

DEBIAN-CVE-2025-38151

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...

5.5CVSS5.4AI score0.00147EPSS

Exploits0References1

Debian CVE•added 2025/07/03 8:35 a.m.•3 views

CVE-2025-38151

5.5CVSS5.4AI score0.00147EPSS

Exploits0

SUSE CVE•added 2025/05/02 2:2 a.m.•2 views

SUSE CVE-2025-37772

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix workqueue crash in cmaneteventworkhandler struct rdmacmid has member "struct workstruct network" that is reused for enqueuing cmaneteventworkhandlers onto cmawq. Below crash1 can occur if more than one call to...

5.5CVSS7.6AI score0.00161EPSS

Exploits0References16

Positive Technologies•added 2025/04/09 12:0 a.m.•4 views

PT-2025-18453

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel has been resolved, related to the RDMA/cma component. The issue occurs when multiple calls to cma netevent callback are made in quick succession,...

5.5CVSS6.7AI score0.00161EPSS

Exploits0

Tenable Nessus•added 2025/03/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2022-48746

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond...

5.5CVSS5.6AI score0.00235EPSS

Exploits0References3

SUSE CVE•added 2024/06/22 4:9 a.m.•3 views

SUSE CVE-2022-48746

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check if the handled netdev is VF representor and it missing a check if the VF representor is on the same phys...

5.5CVSS7.5AI score0.00235EPSS

Exploits0References10

RedhatCVE•added 2024/06/20 1:56 p.m.•24 views

CVE-2022-48746

4.4CVSS7AI score0.00235EPSS

Exploits0References4

OSV•added 2024/06/20 12:15 p.m.•1 views

DEBIAN-CVE-2022-48746

5.5CVSS5.2AI score0.00235EPSS

Exploits0References1

OSV•added 2024/06/20 12:15 p.m.•0 views

UBUNTU-CVE-2022-48746

5.5CVSS6AI score0.00235EPSS

Exploits0References7

Vulnrichment•added 2024/06/20 11:13 a.m.•15 views

CVE-2022-48746 net/mlx5e: Fix handling of wrong devices during bond netevent

6.8AI score0.00235EPSS

Exploits0References4

Cvelist•added 2024/06/20 11:13 a.m.•28 views

CVE-2022-48746 net/mlx5e: Fix handling of wrong devices during bond netevent

0.00235EPSS

Exploits0References4

CVE•added 2024/06/20 11:13 a.m.•75 views

CVE-2022-48746

In CVE-2022-48746, the Linux kernel mlx5e bond netevent path incorrectly verified netdev origin: the code only checked for a VF representor and lacked a check that the VF representor was on the same physical device as the bond handling the netevent. The fix adds the missing check and optimizes th...

5.5CVSS6.5AI score0.00235EPSS

Exploits0References4Affected Software1

OSV•added 2024/06/20 11:13 a.m.•17 views

CVE-2022-48746 net/mlx5e: Fix handling of wrong devices during bond netevent

5.5CVSS5.9AI score0.00235EPSS

Exploits0References7

Debian CVE•added 2024/06/20 11:13 a.m.•19 views

CVE-2022-48746

5.5CVSS5.2AI score0.00235EPSS

Exploits0