Lucene search
K

622 matches found

UbuntuCve
UbuntuCve
added 2026/04/24 3:16 p.m.8 views

CVE-2026-31565

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

5.5CVSS5.4AI score0.00095EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:35 p.m.6 views

CVE-2026-31565

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/04/24 2:35 p.m.7 views

EUVD-2026-25458

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

5.3AI score0.00095EPSS
Exploits0References7
CVE
CVE
added 2026/04/24 2:35 p.m.14 views

CVE-2026-31565

Summary: CVE-2026-31565 affects the Linux kernel RDMA/irdma component, where a netdev reset with active RDMA applications can deadlock during device/client removal (cma/uverbs paths). The root cause is a circular dependency between iWARP-related clients and references held during device reset, le...

5.5CVSS5.3AI score0.00095EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:35 p.m.26 views

CVE-2026-31565 RDMA/irdma: Fix deadlock during netdev reset with active connections

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

0.00095EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/04/24 2:35 p.m.5 views

CVE-2026-31565

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

5.5CVSS5.2AI score0.00095EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the Irdma driver waiting for the QP reference count to zero during network reset operations,...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.9 views

PT-2026-34917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the RDMA/irdma component when a netdev reset is executed while RDMA applications are active. The netdev reset leads the ice driver to remove the irdma auxiliary...

9.8CVSS5.5AI score0.0049EPSS
Exploits7References468
Microsoft CVE
Microsoft CVE
added 2026/04/23 8:9 a.m.7 views

RDMA/irdma: Initialize free_qp completion before using it

...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.9 views

SUSE CVE-2026-31492

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...

5.5CVSS5.6AI score0.00123EPSS
Exploits0References11
EUVD
EUVD
added 2026/04/22 3:31 p.m.6 views

EUVD-2026-24862

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...

5.6AI score0.00123EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/22 1:54 p.m.29 views

CVE-2026-31492 RDMA/irdma: Initialize free_qp completion before using it

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...

0.00123EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34397

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the RDMA/irdma component where the free qp completion is not initialized before use. Specifically, in the irdma create qp function, if the ib copy to udata call fails,...

9.8CVSS5.2AI score0.00525EPSS
Exploits0References152
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.7 views

PT-2026-32351

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Reliable Delivery Service RDS implementation for InfiniBand IB. The function rds ib get mr allows FRMR memory registration to proceed before an IB connection is full...

9.8CVSS5.3AI score0.0049EPSS
Exploits0References470
NVD
NVD
added 2026/04/09 10:16 p.m.17 views

CVE-2026-35639

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation ...

8.8CVSS0.00458EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/09 9:27 p.m.20 views

CVE-2026-35639 OpenClaw < 2026.3.22 - Privilege Escalation via device.pair.approve Scope Validation

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation ...

8.8CVSS0.00458EPSS
Exploits0References4
CVE
CVE
added 2026/04/09 9:27 p.m.21 views

CVE-2026-35639

CVE-2026-35639 affects OpenClaw prior to 2026.3.22. The vulnerability is in the device.pair.approve method, where an operator.pairing approver can approve pending device requests with broader operator scopes than the approver holds. This insufficient scope validation can escalate privileges to op...

8.8CVSS6.5AI score0.00458EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:27 p.m.1 views

CVE-2026-35639

OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient scope validation ...

8.8CVSS6.5AI score0.00458EPSS
Exploits0References5
Snyk
Snyk
added 2026/04/09 5:36 p.m.4 views

Improper Privilege Management

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Privilege Management via the node.pair.approve function being assigned to the broader operator.write scope instead of the intended operator.pairing scope. An attacker can gain...

8.8CVSS5.8AI score0.00282EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.10 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.22 contained security vulnerabilities. These vulnerabilities stemmed from insufficient range validation in the device.pair.approve method, which could lead to privilege escalati...

8.8CVSS6.2AI score0.00458EPSS
Exploits0References4
Rows per page
Query Builder