Lucene search
K

482 matches found

RedHat Linux
RedHat Linux
added 2026/04/20 9:6 p.m.6 views

kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution

A flaw was found in the Linux kernel's bonding module. This use-after-free vulnerability occurs when a new slave device is added to the bonding array but fails during the enslave process. A local attacker can exploit this by triggering the enslave failure, which may lead to a system crash,...

7.8CVSS6AI score0.00117EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/13 11:26 p.m.7 views

SUSE CVE-2026-31419

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release can mutate the slave list...

7CVSS5.7AI score0.00124EPSS
Exploits0References8
EUVD
EUVD
added 2026/04/13 3:31 p.m.5 views

EUVD-2026-21943

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release can mutate the slave list...

5.7AI score0.00124EPSS
Exploits0References4
NVD
NVD
added 2026/04/13 2:16 p.m.8 views

CVE-2026-31419

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release can mutate the slave list...

7.8CVSS0.00124EPSS
Exploits0References26
Cvelist
Cvelist
added 2026/04/13 1:40 p.m.41 views

CVE-2026-31419 net: bonding: fix use-after-free in bond_xmit_broadcast()

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bondxmitbroadcast bondxmitbroadcast reuses the original skb for the last slave determined by bondislastslave and clones it for others. Concurrent slave enslave/release can mutate the slave list...

7.8CVSS0.00124EPSS
Exploits0References5
CVE
CVE
added 2026/04/13 1:40 p.m.69 views

CVE-2026-31419

Summary of CVE-2026-31419 : A use-after-free in the Linux kernel bonding driver is caused by a race in bond_xmit_broadcast() where the last slave determination can change during RCUs, leading to double-free of the original skb and a potential crash. The fix replaces the racy bond_is_last_slave() ...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References26Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/06 8:9 a.m.4 views

kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution

A flaw was found in the Linux kernel's bonding module. This use-after-free vulnerability occurs when a new slave device is added to the bonding array but fails during the enslave process. A local attacker can exploit this by triggering the enslave failure, which may lead to a system crash,...

7.8CVSS6.2AI score0.00117EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from failing to handle the unbinding of slave devices from the VRF context. This vulnerability may lead to...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/03/22 12:24 a.m.4 views

SUSE CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.9CVSS5.8AI score0.00117EPSS
Exploits0References16
Microsoft CVE
Microsoft CVE
added 2026/03/21 8:1 a.m.5 views

net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit

...

5.9CVSS5.8AI score0.00117EPSS
Exploits0
EUVD
EUVD
added 2026/03/20 9:32 a.m.4 views

EUVD-2026-13613

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.7AI score0.00117EPSS
Exploits0References4
OSV
OSV
added 2026/03/20 9:16 a.m.4 views

UBUNTU-CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/20 8:8 a.m.8 views

CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.6AI score0.00117EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2026/03/20 8:8 a.m.6 views

CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/03/20 8:8 a.m.25 views

CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

0.00117EPSS
Exploits0References8
CVE
CVE
added 2026/03/20 8:8 a.m.18 views

CVE-2026-23277

CVE-2026-23277 (TEQL NULL pointer dereference in iptunnel_xmit) is fixed in Linux kernel TEQL transmit path. When a GRE Gretap tunnel is TEQL slave, teql_master_xmit() transmits via netdev_start_xmit() without updating skb->dev to the slave. iptunnel_xmit then uses the original dev from skb-&g...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References8Affected Software1
UbuntuCve
UbuntuCve
added 2026/03/20 12:0 a.m.8 views

CVE-2026-23277

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: fix NULL pointer dereference in iptunnelxmit on TEQL slave xmit teqlmasterxmit calls netdevstartxmitskb, slave to transmit through slave devices, but does not update skb-dev to the slave device beforehand. When a...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that teqlmasterxmit does not update the skb-dev pointing to the slave device before sending...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References5
Fedora
Fedora
added 2026/03/07 12:33 a.m.8 views

[SECURITY] Fedora 44 Update: valkey-9.0.3-1.fc44

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.5CVSS5.8AI score0.00586EPSS
Exploits0
Fedora
Fedora
added 2026/03/05 12:57 a.m.4 views

[SECURITY] Fedora 43 Update: valkey-8.1.6-1.fc43

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

8.5CVSS6AI score0.00586EPSS
Exploits0
Rows per page
Query Builder