Lucene search
K

57 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 11:42 p.m.6 views

CVE-2026-53220

A flaw was found in the Linux kernel's netfilter component. A local attacker could exploit a NULL pointer dereference vulnerability in the ebtredirecttg function. This occurs when a bridge port is removed and a packet is reinjected into NFQUEUE, leading to a kernel panic and a Denial of Service D...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39311

In the Linux kernel, the following vulnerability has been resolved: netfilter: revalidate bridge ports ebtredirecttg dereferences brportgetrcu return without a NULL check, causing a kernel panic when the bridge port has been removed between the original hook invocation and an NFQUEUE reinject. A...

5.7AI score0.00127EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-52947

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS0.00135EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.6 views

UBUNTU-CVE-2026-52925

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.7AI score0.00164EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/24 7:14 a.m.7 views

EUVD-2026-38728

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.8AI score0.00164EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.5 views

CVE-2026-52925

In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent call to netdevmasterupperdevgetrcu will return a VRF device. They then...

5.7AI score0.00164EPSS
Exploits0
CVE
CVE
added 2026/06/24 7:14 a.m.12 views

CVE-2026-52925

The CVE-2026-52925 entry relates to the Linux kernel VRF handling. The vulnerability arose from a race where an RCU reader identifying a net device as a VRF port could dereference l3mdev operations of a master device (e.g., a bridge) after netdev_master_upper_dev_get_rcu() returned it as a VRF de...

5.8AI score0.00164EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the qrtr port remove function where the socket reference count is decremented using sock put before the port is removed from the qrtr ports XArray and before the RCU...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51718

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Null Pointer Dereference NPD can occur when removing a port from a Virtual Routing and Forwarding VRF instance. RCU readers using netif is l3 slave may incorrectly assume that netdev...

6AI score0.00164EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vrf: Fix a potential NPD when removing a port from a VRF RCU readers that identified a net device as a VRF port using netifisl3slave assume that a subsequent ca...

6AI score0.00164EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rapidio: rio: Fixed a possible name leak in rioregistermport. If deviceregister returns an error, the name allocated by devsetname needs to be freed. This should be done using putdevice, so that the reference in the error path is...

5.3AI score0.00204EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fixed the race condition involving the deleteendpoint function and the unregistration of parent ports. The CXL subsystem establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL...

4.7CVSS5.7AI score0.0018EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Net: Bridge: mcast: Wait for previous GC cycles when removing a port The syzbot encountered a use-after-free issue1. This issue occurs because the bridge does not ensure that all previous garbage collection cycles are completed...

7.8CVSS6.3AI score0.00217EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix access violation during port device removal Testing with KASAN and syzkaller revealed a bug in the port.c:disablestore function. The usbhubtostructhub function may return NULL if the hub to which the port belongs i...

9.1CVSS6.1AI score0.00923EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fixed the use of memory after freeing it in scsihexpandernoderemove. The function mpt3sastransportportremove called within scsihexpandernoderemove frees the port field of the sasexpander structure. This leads to a...

7.8CVSS6.3AI score0.00237EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31530

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cxl/port: Fix use after free of parentport in cxldetachep cxldetachep is called during bottom-up removal when all CXL memory devices beneath a switch port have...

7.8CVSS7AI score0.00125EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011261)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011261 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix crash in transport port remove by using iocinfo During...

5.6AI score0.00192EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013040)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013040 advisory. In the Linux kernel, the following vulnerability has been resolved: nvme-fc: use lock accessing portstate and rport state nvmefcunregisterremote removes the remote...

5.7AI score0.00197EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/04/08 5:15 a.m.7 views

kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init

A flaw was found in the Linux kernel's bridge multicast functionality. A local user could trigger a use-after-free vulnerability, a type of memory corruption, by improperly configuring network bridge router ports. This issue arises because the system fails to correctly remove ports from its...

7.8CVSS6.7AI score0.00248EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2026/02/16 12:25 a.m.7 views

SUSE CVE-2026-23164

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

5.5CVSS5.2AI score0.00115EPSS
Exploits0References3
Rows per page
Query Builder