2885 matches found
CVE-2026-45840
In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...
CVE-2026-45840
CVE-2026-45840 : The vulnerability in the Linux kernel openvswitch path allows a CAP_NET_ADMIN user to overflow the vport netlink reply buffer by providing a large upcall PID array, triggering a -EMSGSIZE and a kernel BUG. The root cause is ovs_vport_set_upcall_portids() accepting any non-zero mu...
EUVD-2026-32166
In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...
CVE-2026-45840 openvswitch: cap upcall PID array size and pre-size vport replies
In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...
PT-2026-43797
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the MCTP Management Component Transport Protocol implementation where RTM GETNEIGH requests return uninitialized data within the padding bytes of the ndmsg data. This...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the vport netlink reply helper function, which allocates skb packets of a fixed size but h...
Linux Distros Unpatched Vulnerability : CVE-2026-45930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Tren...
Linux Distros Unpatched Vulnerability : CVE-2026-45840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... b...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: - net: genl: fixed a memory leak in the error path during policy dumping. - If the construction of the policy array fails when recording non-first policies, we need to unwind the process. - The netlinkpolicydumpaddpolicy...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate accesses to nlk-cbrunning Both netlinkrecvmsg and netlinknativeseqshow read nlk-cbrunning without locking it. Use READONCE in those functions. Add corresponding WRITEONCE to netlinkdump and netlinkdumpstart...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: rejecting negative ifindex values Recent changes in net-next commit 759ab1edb56c reorganized the handling of pre-assigned ifindex values. This led to a latent issue in ovs. ovs does not validate ifindex values,...
Astra Linux – Vulnerability in OpenVSwitch
A flaw was discovered in Open vSwitch, where multiple versions are vulnerable to crafted Geneve packets, which may lead to a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
Astra Linux – Vulnerability in Linux 5.10, Linux
A issue was discovered in the Linux kernel before version 6.0.11. Missing offset validation in the drivers/net/wireless/microchip/wilc1000/hif.c file, within the WILC1000 wireless driver, can lead to an out-of-bounds read when parsing a Robust Security Network RSN information element from a Netli...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: shaper: Protection is added for late read accesses to the hierarchy. We retrieve a netdev during the preparation of Netlink operations pre-callbacks, and then we acquire a reference to it. Later, within the body of the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: core: A NULL dereference was prevented in generichwtstampioctllower. The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampge...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fixed a use-after-free in bpfxdplinkrelease. The issue occurs between devgetbyindex and devxdpattachlink. At this point, devxdpuninstall is called. As a result, the xdp link will not be automatically detached when the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-net: The recursive rtnllock function occurs during the probe operation. This deadlock appears in a stack trace like this: virtnetprobe rtnllock virtioconfigChangedWork netdevNotifyPeers rtnllock This occurs when the VMM...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: shaper: Protection against late creation of hierarchies. We retrieve the netdev during the preparation of Netlink operations before callbacks. We then take a reference to it. Later, within the body of the callback, we acquir...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: idpf: Detaching and closing netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and closing any netdevs in UP state until the reset handling is completed. During a reset,...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: IB/IPoIB: Fix legacy IPoIB due to wrong number of queues The cited commit creates child PKEY interfaces over netlink will multiple tx and rx queues, but some devices doesn't support more than 1 tx and 1 rx queues. This causes to ...