Lucene search
K

317 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 10:58 p.m.8 views

CVE-2026-53012

A flaw was found in the Linux kernel's networking subsystem. When an IPv6 nexthop is replaced with an IPv4 nexthop, a flag indicating the presence of IPv4 members in nexthop groups is not correctly updated. This can lead to IPv6 routes referencing groups that only contain IPv4 members. A local...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38880

In the Linux kernel, the following vulnerability has been resolved: nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all groups containing this nexthop is not updated. This is because...

5.7AI score0.00185EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53012

In the Linux kernel, the following vulnerability has been resolved: nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all groups containing this nexthop is not updated. This is because...

0.00185EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 4:29 p.m.2 views

CVE-2026-53012 nexthop: fix IPv6 route referencing IPv4 nexthop

In the Linux kernel, the following vulnerability has been resolved: nexthop: fix IPv6 route referencing IPv4 nexthop syzbot reported a panic 1 2. When an IPv6 nexthop is replaced with an IPv4 nexthop, the hasv4 flag of all groups containing this nexthop is not updated. This is because...

5.8AI score0.00185EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 4:29 p.m.13 views

CVE-2026-53012

CVE-2026-53012 : In the Linux kernel, a race/logic error allows IPv6 routes to reference an IPv4 nexthop because the has_v4 flag in groups is not updated when the nexthop family changes from AF_INET6 to AF_INET. The issue occurs when an IPv6 nexthop is replaced with an IPv4 nexthop and the has_v4...

5.7AI score0.00185EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ipv4: A reference count leak was fixed when using error routes with nexthop objects. When a nexthop object is deleted, it is marked as “dead”, and then fibtableFlush is called to flush all routes that use the dead nexthop. The...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-51906

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs when an IPv6 nexthop is replaced with an IPv4 nexthop. This happens because the has v4 flag of all groups containing the nexthop is not updated, as the ...

6AI score0.00185EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2026-46099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to...

8.1CVSS6AI score0.00321EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.14 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fixed a division by zero issue when replacing a resilient group. The resilient nexthop group-related torture tests in fibnexthop.sh exposed a possible division by zero issue when replacing a resilient group 1. This...

5.5CVSS5.5AI score0.00208EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: Added lwtunnel encap size for all siblings in the nexthop calculation. In the function rt6nlmsgsize, the length of nexthop is calculated by multiplying the nexthop length of fib6info with the number of siblings. However, if...

5.5CVSS5.8AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: ipv4: Handled attempts to delete multipath routes when fibinfo contains a reference to nh. Gwangun Jung reported a buffer overflow vulnerability in fibnhmatch: fibnhmatch+0xf98/0x1130, linux-6.0-rc7/net/ipv4/fibsemantics.c:961...

7.1CVSS6.5AI score0.00254EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: net: ipv4: fixed the issue where deleting routes with a nexthop object triggered a warning. The FRR team encountered a kernel warning1 while deleting routes2. This issue occurred when attempting to delete a route that pointed ...

5.5CVSS6.4AI score0.00254EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: vxlan: Fixed the nexthop hash size. The nexthop code expects a 31-bit hash, such as the one returned by fibmultipathhash and rt6multipathhash. Passing a 32-bit hash returned by skbgethash can lead to issues, especially when th...

7.8CVSS5.9AI score0.00154EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Fixed the issue of “use-after-free” in removenhgrpentry. When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer, and then immediately frees the removed entry’s percpu sta...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks 1 that can be reduced to the following commands: ip nexthop add id 1 blackhole devlink dev reload pci/0000:06:00.0 As part of the...

7.1CVSS6.3AI score0.00211EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: Release the next-hop information upon device removal The CI is experiencing some non-periodic hangs during device removal in the pmtu.sh self-test: unregisternetdevice: Waiting for vethA-R1 to become available. Usage count ...

5.5CVSS6.4AI score0.00203EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix null pointer dereference when IPv6 is not enabled When we try to add an IPv6 nexthop and IPv6 is not enabled !CONFIGIPV6 we'll hit a NULL pointer dereference1 in the error path of nhcreateipv6 due to calling...

5.5CVSS6.1AI score0.00207EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.11 views

SUSE CVE-2026-43374

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/08 9:5 p.m.12 views

CVE-2026-43374

A flaw was found in the Linux kernel's networking net: nexthop component. When a nexthop is removed from a group, the system prematurely frees per-CPU percpu statistics memory. This timing issue allows other parts of the kernel that are still referencing the old group to access and potentially...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28680

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...

5.8AI score0.00125EPSS
Exploits0References5
Rows per page
Query Builder