25 matches found
UBUNTU-CVE-2026-53220
In the Linux kernel, the following vulnerability has been resolved: netfilter: revalidate bridge ports ebtredirecttg dereferences brportgetrcu return without a NULL check, causing a kernel panic when the bridge port has been removed between the original hook invocation and an NFQUEUE reinject. A...
Linux Distros Unpatched Vulnerability : CVE-2026-43495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop...
PT-2026-4482
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ocelot driver, specifically within the ocelot set aggr pgids function. This issue can lead to a crash when adding an interface under a link aggregatio...
EUVD-2025-205217
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
AZL-73087 CVE-2025-68745 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
CVE-2025-68745
CVE-2025-68745 relates to Linux kernel SCSI QLA2XXX handling. Public details describe that commits related to offline port handling and host reset handling (scsi: qla2xxx: target: Fix offline port handling and host reset handling) and a subsequent fix for missed DMA unmaps (scsi: qla2xxx: Fix mis...
CVE-2025-68745 scsi: qla2xxx: Clear cmds after chip reset
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
CVE-2025-68745 scsi: qla2xxx: Clear cmds after chip reset
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
Linux Distros Unpatched Vulnerability : CVE-2025-39872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device...
DEBIAN-CVE-2025-39872
In the Linux kernel, the following vulnerability has been resolved: hsr: hold rcu and dev lock for hsrgetportndev hsrgetportndev calls hsrforeachport, which need to hold rcu lock. On the other hand, before return the port device, we need to hold the device reference to avoid UaF in the caller...
CVE-2022-50047
The CVE-2022-50047 issue affects the Linux kernel’s net: dsa mv88e6060 code. When a port is neither a CPU port nor a user port, cpu_dp can be NULL, causing a NULL pointer dereference and kernel crash during mv88e6060_setup_port(). This is a local impact vulnerability that leads to a crash; connec...
AZL-61685 CVE-2025-22062 affecting package kernel for versions less than 6.6.92.2-1
In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in procsctpdoudpport We must serialize calls to sctpudpsockstop and sctpudpsockstart or risk a crash as syzbot reported: Oops: general protection fault, probably for non-canonical address...
AZL-61677 CVE-2025-22062 affecting package kernel for versions less than 5.15.184.1-1
In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in procsctpdoudpport We must serialize calls to sctpudpsockstop and sctpudpsockstart or risk a crash as syzbot reported: Oops: general protection fault, probably for non-canonical address...
CVE-2025-22062
In the Linux kernel, the following vulnerability has been resolved: sctp: add mutual exclusion in procsctpdoudpport We must serialize calls to sctpudpsockstop and sctpudpsockstart or risk a crash as syzbot reported: Oops: general protection fault, probably for non-canonical address...
CVE-2022-49134
Technical details about CVE-2022-49134 are not publicly provided in the supplied documents; no affected products/versions/fixes are specified here. Monitor for updates.
UBUNTU-CVE-2025-21637
In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udpport: avoid using current-nsproxy As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of the SRCPORT field in the ocelotifhsetbasic function in the net:mscc module, which could...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper handling of the SRCPORT field in the ocelotifhsetbasic function in the net:mscc module, which could...
kernel: cxl/port: Fix delete_endpoint() vs parent unregistration race
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix deleteendpoint vs parent unregistration race The CXL subsystem, at cxlmem -probe time, establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL topology. Each port including th...
ZTE MC801A 安全漏洞
The ZTE MC801A is a 5g indoor WiFi router from China's ZTE ZTE. The ZTE MC801A suffers from a buffer overflow vulnerability in the handling of tcp port parameters, which can be exploited by a remote attacker to submit a special request that can crash the application and cause a denial of service...