697 matches found
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-43454
A flaw was found in the Linux kernel's netfilter nftables component. This vulnerability allows for duplicate device registration when handling network device registration notifications. Such duplicate registrations can lead to unexpected system behavior or instability...
CVE-2026-43422
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-43454
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix for duplicate device in netdev hooks When handling NETDEVREGISTER notification, duplicate device registration must be avoided since the device may have been added by nftnetdevhookalloc already when creati...
CVE-2026-43454
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fix for duplicate device in netdev hooks When handling NETDEVREGISTER notification, duplicate device registration must be avoided since the device may have been added by nftnetdevhookalloc already when creati...
PT-2026-39083
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the legacy NCM driver within the gncm bind function. This issue arises because the driver attempts to access the net device before it is fully...
PT-2026-39082
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the f ncm USB gadget driver allows a network device to outlive its parent gadget device during disconnection. This leads to dangling sysfs links and null pointer dereference...
CVE-2026-43234
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43234 team: avoid NETDEV_CHANGEMTU event when unregistering slave
In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEVCHANGEMTU event when unregistering slave syzbot is reporting unregisternetdevice: waiting for netdevsim0 to become free. Usage count = 3 reftracker: netdev@ffff88807dcf8618 has 1/2 users at netdevtrackeralloc...
CVE-2026-43219 net: cpsw_new: Fix potential unregister of netdev that has not been registered yet
In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Fix potential unregister of netdev that has not been registered yet If an error occurs during registernetdev for the first MAC in cpswregisterports, even though cpsw-slaves0.ndev is set to NULL, cpsw-slaves1.ndev...
CVE-2026-43219
CVE-2026-43219 concerns the Linux kernel networking code in cpsw_new. The issue arises when register_netdev() fails for the first MAC in cpsw_register_ports() but cpsw->slaves[1].ndev remains set, allowing cpsw_unregister_ports() to later try to unregister the second MAC. The root cause is not...
CVE-2026-43219
In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Fix potential unregister of netdev that has not been registered yet If an error occurs during registernetdev for the first MAC in cpswregisterports, even though cpsw-slaves0.ndev is set to NULL, cpsw-slaves1.ndev...
CVE-2026-43103
In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEVPRETYPECHANGE lapbethdatatransmit expects the underlying device type to be ARPHRDETHER. Returning NOTIFYBAD from lapbethdeviceevent makes sure bonding driver can not break this expectation...
CVE-2026-43103
CVE-2026-43103 affects the Linux kernel net/lapbether driver: lapbeth_data_transmit() assumes the underlying device type is ARPHRD_ETHER, and returning NOTIFY_BAD from lapbeth_device_event() prevents the bonding driver from violating this expectation. The vulnerability is resolved in upstream ker...
PT-2026-37559
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the cpsw new component of the Linux kernel. An error during the register netdev process for the first MAC in cpsw register ports could lead to a situation where cpsw...
PT-2026-37574
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the team driver where a NETDEV CHANGEMTU event is triggered during the unregistration of a slave. This can lead to a situation where the system waits for a network...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to refresh states and policies during the NETDEVUNREGISTER event. This could lead to ...
systemd security update
257-13.0.1.el101.3 - Fix detection of Oracle Virtualization or BM envs Orabug: 37531877 - Avoid udevadm warnings when using udev valid configs Orabug: 37503197 - allow dm remove ioctl to co-operate with UEK3 Orabug: 18467469 - set 'RemoveIPC=no' in logind.conf as default Orabug: 22224874 - Fix...
CVE-2026-31723
A flaw was found in the Linux kernel's usb: gadget: fsubset component. This vulnerability arises from an issue in how network device resources are managed during the unbinding of a USB gadget function. When the parent device is destroyed, the associated network device may persist, creating...
CVE-2026-31695
In the Linux kernel, the following vulnerability has been resolved: wifi: virtwifi: remove SETNETDEVDEV to avoid use-after-free Currently we execute SETNETDEVDEVdev, &priv-lowerdev-dev for the virtwifi net devices. However, unregistering a virtwifi device in netdevruntodo can happen together with...