700 matches found
EUVD-2026-18677
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
EUVD-2026-18694
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdcncmrxverifyndp32. The DPE array size is validated against the total skb length withou...
CVE-2026-23436
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23442
In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths in6devget can return NULL when the device has no IPv6 configuration e.g. MTU IPV6MINMTU or after NETDEVUNREGISTER. Add NULL checks for idev returned by in6devget in both...
CVE-2026-23437
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23459
In the Linux kernel, the following vulnerability has been resolved: iptunnel: adapt iptunnelxmitstats to NETDEVPCPUSTATDSTATS Blamed commits forgot that vxlan/geneve use udptunnel6xmitskb which call iptunnelxmitstats. iptunnelxmitstats was assuming tunnels were only using NETDEVPCPUSTATTSTATS...
CVE-2026-23451
In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...
CVE-2026-23442
In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths in6devget can return NULL when the device has no IPv6 configuration e.g. MTU IPV6MINMTU or after NETDEVUNREGISTER. Add NULL checks for idev returned by in6devget in both...
CVE-2026-23437 net: shaper: protect late read accesses to the hierarchy
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect late read accesses to the hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23436
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
CVE-2026-23436 net: shaper: protect from late creation of hierarchy
In the Linux kernel, the following vulnerability has been resolved: net: shaper: protect from late creation of hierarchy We look up a netdev during prep of Netlink ops pre- callbacks and take a ref to it. Then later in the body of the callback we take its lock or RCU which are the actual...
kernel: macvlan: fix error recovery in macvlan_common_newlink()
A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table e.g., due to an invalid interface name, the hash entry still references the freed netdevice structure. Subsequent packets...
CVE-2019-25651
Ubiquiti UniFi Network Controller prior to 5.10.12 excluding 5.6.42, UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weakness...
CVE-2026-23320
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: align netdevice lifecycle with bind/unbind Currently, the netdevice is allocated in ncmallocinst and freed in ncmfreeinst. This ties the network interface's lifetime to the configuration instance rather than th...
CVE-2026-23320
Removed by vendor...
PT-2026-27685
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f ncm: align net device lifecycle with bind/unbind Currently, the net device is allocated in ncm alloc inst and freed in ncm free inst. This ties the network interface's lifetime to the configuration instance rather...
CVE-2026-23277
In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2026-1644)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2026-23258
In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored in oct-propsi.netdev only after the calls to...
CVE-2026-23258 net: liquidio: Initialize netdev pointer before queue setup
In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored in oct-propsi.netdev only after the calls to...