Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ice network card’s PTP implementation. When control of PF is unavailable, icegetctrlptp returns NUL...

CVE-2026-43260

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...

PT-2026-37600

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bnxt en driver regarding the RSS context delete logic. The driver incorrectly used a netif running check when deleting an RSS context, which caused VNICs Virtual...

MiracleLinux 4 : qemu-kvm-0.12.1.2-2.355.AXS4.5 (AXSA:2013-473:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-473:03 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...

CVE-2023-54156

In the Linux kernel, the following vulnerability has been resolved: sfc: fix crash when reading stats while NIC is resetting efxnetstats .ndogetstats64 can be called during an ethtool selftest, during which time nicdata-mcstats is NULL as the NIC has been fini'd. In this case do not attempt to...

CAPIO: Safe Kernel-Bypass of Commodity Devices Using Capabilities

Securing low-latency I/O in commodity systems forces a fundamental trade-off: rely on the kernel's high overhead mediated interface, or bypass it entirely, exposing sensitive hardware resources to userspace and creating new vulnerabilities. This dilemma stems from a hardware granularity mismatch:...

EUVD-2025-203779

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix fragment overflow handling in RX path The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large multi-descriptor packets. This causes an out-of-bounds write in...

CVE-2025-68301

CVE-2025-68301 affects the Linux kernel net:atlantic RX path. The vulnerability arises when the Atlantic driver receives large multi-descriptor packets that exceed MAX_SKB_FRAGS, causing an out-of-bounds write in skb_add_rx_frag_netmem() and a kernel panic. The fix adds an assumption of an extra ...

Linux Distros Unpatched Vulnerability : CVE-2025-68301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: atlantic: fix fragment overflow handling in RX path The atlantic driver can receive packets with more than MAXSKBFRAGS 17 fragments when handling large...

CVE-2024-58310

APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like /etc/passwd by using encoded path...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987091)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987091 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPU...

CVE-2012-10040

Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...

CVE-2012-10040

Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...

CVE-2012-10040 Openfiler v2.x NetworkCard Command Execution

Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...

Linux Distros Unpatched Vulnerability : CVE-2023-3439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the MCTP protocol in the Linux kernel. The function mctpunregister reclaims the device's relevant resource when a netcard detaches. However,...

CVE-2019-20459

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. With the SNMPv1 public community, all values can be read, and with the epson community, all the changeable values can be written/updated, as demonstrated by permanently disabling the network card or changing the DNS...

Eaton Network-M2 安全漏洞

Eaton Network-M2 is a wireless network card from Eaton Corporation USA. A security vulnerability exists in the Eaton Network-M2 that stems from the inclusion of an improper input validation issue that could lead to command execution...

PT-2024-10735 · Epson · Epson Expression Home Xp255

Name of the Vulnerable Software and Affected Versions: Epson Expression Home XP255 version 20.08.FM10I8 Description: An issue was discovered that allows all values to be read with the SNMPv1 public community, and with the epson community, all the changeable values can be written/updated. This can...

CVE-2019-20459

An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. With the SNMPv1 public community, all values can be read, and with the epson community, all the changeable values can be written/updated, as demonstrated by permanently disabling the network card or changing the DNS...

CVE-2019-20459

CVE-2019-20459 affects Epson Expression Home XP255 (firmware 20.08.FM10I8). Red Hat and other sources report that SNMPv1 public community allows read access to all values, while the epson community permits writing/updating of changeable values (e.g., disabling the network card or altering DNS). T...