Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 11:42 p.m.6 views

CVE-2026-53184

A flaw was found in the Linux kernel. When a User Datagram Protocol UDP socket is configured with a sockmap, and a BPF Berkeley Packet Filter program attached to it calls a socket-lookup helper, the skb-dev field is not properly cleared. This improper handling of the skb-dev field can lead to a...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:38 a.m.13 views

CVE-2026-53184

The CVE-2026-53184 issue affects the Linux kernel UDP sockmap path. On UDP receive, skb->dev is repurposed as dev_scratch; when a SK_SKB verdict program uses BPF socket-lookup helpers (bpf_sk_lookup_tcp/udp, bpf_skc_lookup_tcp), skb->dev may still hold the dev_scratch value, and dev_net(skb...

7.5CVSS5.7AI score0.00506EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39275

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

5.7AI score0.00506EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed the NULL pointer dereference in the route error path of ipv4 null-ptr-deref. The IPv4 code path in ipvsgetoutrt calls dstlinkfailure, without ensuring that skb-dev is set. This leads to a NULL pointer dereference in...

6AI score0.00173EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 8:16 a.m.3 views

UBUNTU-CVE-2026-52912

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

7.8CVSS5.6AI score0.00142EPSS
Exploits0References11
OSV
OSV
added 2026/03/20 8:8 a.m.6 views

CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/01/15 12:25 a.m.4 views

SUSE CVE-2025-68813

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...

7.5CVSS6.6AI score0.00173EPSS
Exploits0References162
RedhatCVE
RedhatCVE
added 2026/01/15 12:24 a.m.12 views

CVE-2025-68813

A NULL pointer dereference vulnerability was found in the Linux kernel's IPVS IP Virtual Server implementation. In ipvsgetoutrt, when route lookup fails, dstlinkfailure is called with skb-dev set to NULL. The subsequent call chain through ipv4linkfailure to fibcomputespecdst dereferences skb-dev,...

5.5CVSS6.3AI score0.00173EPSS
Exploits0References4
NVD
NVD
added 2026/01/13 4:16 p.m.3 views

CVE-2025-68813

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...

0.00173EPSS
Exploits0References7
OSV
OSV
added 2026/01/13 3:29 p.m.5 views

CVE-2025-68813 ipvs: fix ipv4 null-ptr-deref in route error path

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL pointer dereference in fibcomputespecdst when ipv4linkfailure attempts t...

6.5AI score0.00173EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.4 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not setting skb-dev in a routing error path, which could lead to a null pointer dereference...

6.1AI score0.00173EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-68813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipvs: fix ipv4 null-ptr-deref in route error path The IPv4 code path in ipvsgetoutrt calls dstlinkfailure without ensuring skb-dev is set, leading to a NULL...

6.3AI score0.00173EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.4 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-49982)

In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 aoe: fix the potential use-after- free problem in aoecmdcfgpkts makes tx calling devput instead of doing in aoecmdcfgpkts. It...

7.8CVSS6.6AI score0.00259EPSS
Exploits0References6
OSV
OSV
added 2025/06/18 11:15 a.m.11 views

AZL-70355 CVE-2022-50073 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in devparseheaderprotocol when skb-dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tapgetuser calls virtionethdrtoskb the skb-dev is null in tap.c skb-dev is set aft...

5.5CVSS6.3AI score0.00159EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/18 11:2 a.m.19 views

CVE-2022-50073 net: tap: NULL pointer derefence in dev_parse_header_protocol when skb->dev is null

In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in devparseheaderprotocol when skb-dev is null Fixes a NULL pointer derefence bug triggered from tap driver. When tapgetuser calls virtionethdrtoskb the skb-dev is null in tap.c skb-dev is set aft...

0.00159EPSS
Exploits0References4
CVE
CVE
added 2025/06/18 11:2 a.m.91 views

CVE-2022-50073

CVE-2022-50073 affects the Linux kernel TAP path. Root cause: in dev_parse_header_protocol the code dereferences skb->dev which can be NULL when the tap driver calls virtio_net_hdr_to_skb, causing a NULL pointer dereference. The issue is triggered in tap_get_user/tap_sendmsg paths and can cras...

5.5CVSS6.1AI score0.00159EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/21 6:2 p.m.32 views

CVE-2024-49982 aoe: fix the potential use-after-free problem in more places

In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing CVE-2023-6270, f98364e92662 "aoe: fix the potential use-after-free problem in aoecmdcfgpkts" makes tx calling devput instead of doing in aoecmdcfgpkts. It...

6.9AI score0.00259EPSS
Exploits0References9
OSV
OSV
added 2024/05/17 2:27 p.m.26 views

CVE-2024-35839 netfilter: bridge: replace physindev with physinif in nf_bridge_info

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: replace physindev with physinif in nfbridgeinfo An skb can be added to a neigh-arpqueue while waiting for an arp reply. Where original skb's skb-dev can be different to neigh's neigh-dev. For instance in case o...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References7
Rows per page
Query Builder