CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/05/06 1:41 a.m.•2 views

SUSE CVE-2026-43039

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...

RedhatCVE•added 2026/05/01 6:4 p.m.•0 views

CVE-2026-43039

A flaw was found in the Linux kernel's icssg-prueth network driver. This vulnerability allows for information disclosure, where uninitialized kernel memory contents can be exposed to user applications. This occurs because the driver fails to properly copy received packet data into a network buffe...

NVD•added 2026/05/01 3:16 p.m.•2 views

Exploits0References4

CVE-2026-43039

9.8CVSS0.00061EPSS

ATTACKERKB•added 2026/05/01 2:15 p.m.•0 views

CVE-2026-43039

5.9AI score0.00061EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/01 2:15 p.m.•28 views

CVE-2026-43039 net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch

9.8CVSS0.00061EPSS

EUVD•added 2026/05/01 2:15 p.m.•2 views

EUVD-2026-26638

5.9AI score0.00061EPSS

Debian CVE•added 2026/05/01 2:15 p.m.•5 views

CVE-2026-43039

CVE•added 2026/05/01 2:15 p.m.•3 views

Exploits0

CVE-2026-43039

CVE-2026-43039 concerns the Linux kernel icssg-prueth driver. In ZC RX dispatch, emac_dispatch_skb_zc() allocates a new skb via napi_alloc_skb() but fails to copy the received packet data from the XDP buffer, causing uninitialized heap memory to be passed up the stack and potentially leaking kern...

9.8CVSS5.9AI score0.00061EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/05/01 12:0 a.m.•4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the emacdispatchskbzc function in the icssg-prueth driver failing to copy XDP buffer data to a new skb,...

9.8CVSS5.9AI score0.00061EPSS

Exploits0References1

Positive Technologies•added 2026/05/01 12:0 a.m.•3 views

PT-2026-36456

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the emac dispatch skb zc function where a new skb is allocated via napi alloc skb but packet data from the XDP buffer is not copied into it. This results in the skb...

9.8CVSS5.9AI score0.00061EPSS

Exploits0References14

SUSE CVE•added 2026/04/23 1:25 a.m.•2 views

SUSE CVE-2026-31501

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path cppi5hdescgetpsdata returns a pointer into the CPPI descriptor. In both emacrxpacket and emacrxpacketzc, the descriptor is freed via k3cppidescpoolfree befor...

9.8CVSS5.6AI score0.00061EPSS

RedhatCVE•added 2026/04/22 7:39 p.m.•0 views

CVE-2026-31501

A flaw was found in the Linux kernel's net: ti: icssg-prueth driver. This use-after-free vulnerability occurs in the receive RX path, where a data structure CPPI descriptor is released from memory before all necessary operations on its contents are complete. A remote attacker could exploit this b...

CVE•added 2026/04/22 1:54 p.m.•2 views

Exploits0References4

CVE-2026-31501

The CVE-2026-31501 issue affects the Linux kernel net: ti: icssg-prueth driver and is a use-after-free in the RX path. cpp i5_hdesc_get_psdata() returns a pointer into the CPPI descriptor, and the descriptor is freed via k3_cppi_desc_pool_free() before psdata[0]/psdata[1] are used by emac_rx_time...

9.8CVSS5.6AI score0.00061EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/04/22 1:54 p.m.•26 views

CVE-2026-31501 net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path

9.8CVSS0.00061EPSS

CNNVD•added 2026/04/22 12:0 a.m.•2 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the premature release of the CPPI descriptor in the RX path within the icssg-prueth driver. This...

Positive Technologies•added 2026/04/22 12:0 a.m.•0 views

Exploits0References1

PT-2026-34406

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the RX path of the icssg-prueth component. The function cppi5 hdesc get psdata returns a pointer to the CPPI descriptor. In the functions emac rx packet...

9.8CVSS5.2AI score0.00061EPSS

Exploits0References5

SUSE CVE•added 2026/04/03 11:27 p.m.•1 views

SUSE CVE-2026-23453

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

7.5CVSS5.7AI score0.00057EPSS

RedhatCVE•added 2026/04/03 6:52 p.m.•1 views

CVE-2026-23453

A flaw was found in the Linux kernel's net: ti: icssg-prueth network driver. When XDP eXpress Data Path programs drop packets in non-zero-copy mode, memory pages are not properly returned to the system's page pool. This memory leak can lead to Out of Memory OOM conditions, causing a Denial of...

7.5CVSS5.9AI score0.00057EPSS

Exploits0References4

EUVD•added 2026/04/03 6:31 p.m.•1 views

EUVD-2026-18706

5.8AI score0.00057EPSS