Lucene search
K

57 matches found

OSV
OSV
added 2026/06/12 12:26 p.m.8 views

OESA-2026-2657 lxc security update

Linux Containers userspace tools Security Fixes: lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-n...

6.5CVSS5.3AI score0.00162EPSS
Exploits1References2
OSV
OSV
added 2026/06/04 5:19 a.m.8 views

MGASA-2026-0172 Updated lxc packages fix security vulnerability

CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...

6.5CVSS5.8AI score0.00162EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2026/05/29 8:4 a.m.11 views

openvswitch: vport: fix self-deadlock on release of tunnel ports

...

5.5CVSS5.4AI score0.00099EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/15 2:23 p.m.11 views

CVE-2026-39402

A flaw was found in LXC Linux Containers, specifically within the lxc-user-nic helper. This logic flaw allows an unprivileged attacker, with a valid lxc-usernet policy entry, to delete OpenVSwitch OVS-attached network interfaces owned by other users. In multi-tenant environments using lxc-user-ni...

6.5CVSS5.6AI score0.00162EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/05 8:45 p.m.6 views

CVE-2026-39402 lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

4.3CVSS5.8AI score0.00162EPSS
Exploits1References1
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:9 a.m.7 views

openvswitch: validate MPLS set/set_masked payload length

...

7.1CVSS5.2AI score0.00117EPSS
Exploits0
OSV
OSV
added 2026/04/17 1:2 p.m.9 views

OESA-2026-1960 openvswitch security update

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixes: "Description\n===========\n\nMultiple versions of Open vSwitch are vulnerable to crafted FTP payloads\ncausing invalid memory accesses, potential...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-22057)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22057 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: decrease cached dst counters in...

5.5CVSS6.7AI score0.00165EPSS
Exploits0References2
NVD
NVD
added 2026/01/13 4:15 p.m.4 views

CVE-2025-68785

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

0.00186EPSS
Exploits0References7
OSV
OSV
added 2025/12/12 1:44 p.m.8 views

USN-7907-5 linux-azure, linux-azure-4.15, linux-oracle, vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

7.8CVSS6.4AI score0.00261EPSS
Exploits0References23
OSV
OSV
added 2025/12/09 4:17 p.m.1 views

DEBIAN-CVE-2023-53843

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next commit 759ab1edb56c "net: store netdevs in an xarray" refactored the handling of pre-assigned ifindexes and let syzbot surface a latent problem in ovs. ovs does...

5.8AI score0.00203EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2025/12/04 11:46 a.m.5 views

USN-7907-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

7.8CVSS7.1AI score0.00261EPSS
Exploits0
Ubuntu
Ubuntu
added 2025/12/03 12:14 p.m.6 views

USN-7907-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

7.8CVSS7.1AI score0.00261EPSS
Exploits0
Cvelist
Cvelist
added 2025/09/15 2:4 p.m.8 views

CVE-2023-53188 net: openvswitch: fix race on port output

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows 2. two network namespaces "server" and "client" 3. two ovs interfaces "server"...

0.00104EPSS
Exploits0References6
OSV
OSV
added 2025/08/28 7:36 p.m.8 views

USN-7703-4 linux-gke, linux-hwe-6.8, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

7.8CVSS6.5AI score0.13626EPSS
Exploits1References71
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-20267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance...

7.1CVSS6.3AI score0.01015EPSS
Exploits0References2
OSV
OSV
added 2025/08/19 9:22 p.m.6 views

USN-7703-1 linux, linux-aws, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...

7.8CVSS6.7AI score0.13626EPSS
Exploits1References71
Amazon
Amazon
added 2025/06/09 12:0 a.m.4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix WRITESAME No Data Buffer crash In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like...

9.8CVSS7AI score0.01483EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/04/09 7:0 a.m.2 views

openvswitch: use RCU protection in ovs_vport_cmd_fill_info()

...

7.8CVSS7.4AI score0.00227EPSS
Exploits0
Amazon
Amazon
added 2025/04/01 12:0 a.m.4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero CVE-2024-26982 In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix NULL pointer dereference in object-file...

7.8CVSS7.4AI score0.13626EPSS
Exploits3
Rows per page
Query Builder