Lucene search
K

15 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Networks: Bridges – Fix for use-after-free due to bypassing the port’s state. 1 Syzbot reported a use-after-free when deleting an expired fdb. This issue arises due to a race condition between the ongoing learning process and the...

6.4AI score0.00183EPSS
Exploits0References4
OSV
OSV
added 2026/06/04 5:19 a.m.9 views

MGASA-2026-0172 Updated lxc packages fix security vulnerability

CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...

6.5CVSS5.8AI score0.00162EPSS
Exploits1References4
Mageia
Mageia
added 2026/06/04 5:19 a.m.11 views

Updated lxc packages fix security vulnerability

CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...

6.5CVSS5.8AI score0.00162EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/05/05 8:45 p.m.6 views

CVE-2026-39402 lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion

lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the findline function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...

4.3CVSS5.8AI score0.00162EPSS
Exploits1References1
CVE
CVE
added 2026/05/05 8:45 p.m.17 views

CVE-2026-39402

Summary: CVE-2026-39402 affects the LXC user network helper (lxc-user-nic) in multi-tenant setups using Open vSwitch bridges. The delete path in the setuid helper contains a logic flaw in find_line() that can authorize deletion based on a name match even when ownership/type/link fields belong to ...

6.5CVSS5.8AI score0.00162EPSS
Exploits1References1Affected Software1
SUSE CVE
SUSE CVE
added 2025/12/09 12:24 a.m.4 views

SUSE CVE-2025-40297

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...

7CVSS6.2AI score0.00183EPSS
Exploits0References131
NVD
NVD
added 2025/12/08 1:16 a.m.4 views

CVE-2025-40297

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...

0.00183EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/08 12:46 a.m.26 views

CVE-2025-40297 net: bridge: fix use-after-free due to MST port state bypass

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...

0.00183EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2025/12/08 12:46 a.m.3 views

CVE-2025-40297

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...

5.3AI score0.00183EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40297

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition betwe...

7AI score0.00183EPSS
Exploits0References3
OSV
OSV
added 2025/07/09 11:15 a.m.8 views

UBUNTU-CVE-2025-38248

In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration The bridge maintains a global list of ports behind which a multicast router resides. The list is consulted during forwarding to ensure multicast packets are...

7.8CVSS6.2AI score0.00248EPSS
Exploits1References41
BDU FSTEC
BDU FSTEC
added 2024/12/05 12:0 a.m.6 views

The vulnerability of the lpfc component in the Linux operating system’s kernel allows a hacker to gain elevated privileges within the system.

The vulnerability of the lpfc component in the Linux operating system’s kernel is related to concurrent resource access race condition in the lpfcvportdelete function. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

8.8CVSS6.4AI score0.00222EPSS
Exploits0References34Affected Software7
Microsoft CVE
Microsoft CVE
added 2024/11/09 8:0 a.m.3 views

scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()

...

7.8CVSS7.2AI score0.00209EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.4 views

kernel: scsi: qla2xxx: Fix scheduling while atomic

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix scheduling while atomic The driver makes a call into midlayer fcremoteportdelete which can put the thread to sleep. The thread that originates the call is in interrupt context. The combination of the two trigge...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2010/01/19 11:30 p.m.8 views

kernel: qla2xxx NPIV vport management pseudofiles are world writable

A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux RHEL 5, when NPort ID Virtualization NPIV hardware is used, sets world-writable permissions for the 1 vportcreate and 2 vportdelete files under /sys/class/scsihost/, which allows loc...

1.9CVSS6AI score0.00383EPSS
Exploits2References4
Rows per page
Query Builder