5092 matches found
CVE-2026-25804
Antrea has a uint16 arithmetic overflow in its network policy priority assignment system that can cause incorrect OpenFlow priority calculations when there are many policies with varying priorities. Affected versions are Antrea before 2.3.2 and before 2.4.3. The issue can lead to potentially inco...
Antrea has invalid enforcement order for network policy rules caused by integer overflow
Impact Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. If a user creates ...
GHSA-86X4-WP9F-WRR9 Antrea has invalid enforcement order for network policy rules caused by integer overflow
Impact Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. If a user creates ...
PT-2026-6837
Name of the Vulnerable Software and Affected Versions Antrea versions prior to 2.3.2 Antrea versions prior to 2.4.3 Description Antrea, a Kubernetes networking solution, contains a flaw in its network policy priority assignment system. A uint16 arithmetic overflow bug leads to incorrect OpenFlow...
Antrea 安全漏洞
Antrea is an open-source Kubernetes network configuration software developed by antrea.io. Versions prior to 2.3.2 and 2.4.3 of Antrea contained security vulnerabilities. These vulnerabilities were due to a uint16 arithmetic overflow error in the network policy priority allocation system, which...
Antrea has invalid enforcement order for network policy rules caused by integer overflow
Antrea's network policy priority assignment system has a uint16 arithmetic overflow bug that causes incorrect OpenFlow priority calculations when handling a large numbers of policies with various priority values. This results in potentially incorrect traffic enforcement. If a user creates a large...
kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...
CVE-2026-22976
CVE-2026-22976 affects the Linux kernel’s net/sched sch_qfq, where two qfq_class objects can reference the same leaf_qdisc. In certain teardown paths (e.g., when a qdisc is pending destruction via tc_new_tfilter and another qdisc is root-attached), a shared leaf_qdisc may have q.qlen > 0 while...
MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.181-2.6.14.1.AXS4 (AXSA:2018-2999:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2999:02 advisory. OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass Hotspot, 8192025 CVE-2018-2814 OpenJDK: unrestricted deserialization of...
team: fix check for port enabled in team_queue_override_port_prio_changed()
...
SUSE CVE-2025-71091
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...
CVE-2025-71091
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...
CVE-2025-71091
The CVE-2025-71091 issue is in the Linux kernel: when a port is disabled but queue priority changes are processed, team_queue_override_port_prio_changed() could run a del on an already-removed list node, triggering a kernel bug. The fix adds an early return when the port is not enabled to avoid t...
CVE-2025-71091 team: fix check for port enabled in team_queue_override_port_prio_changed()
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...
CVE-2025-71091
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...
CVE-2025-71091 team: fix check for port enabled in team_queue_override_port_prio_changed()
In the Linux kernel, the following vulnerability has been resolved: team: fix check for port enabled in teamqueueoverrideportpriochanged There has been a syzkaller bug reported recently with the following trace: listdel corruption, ffff888058bea080-prev is LISTPOISON2 dead000000000122 -----------...
PT-2026-2612
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's team module related to port management. Specifically, a double-free condition can occur within the team queue override port prio changed function when...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from improper checking of the port enabled state in the teamqueueoverrideportpriochanged function, which could...
WordPress Block Slider plugin <= 2.2.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin Block Slider versions = 2.2.3...