Lucene search
+L

31 matches found

redhat
redhat
added 2026/05/28 2:21 a.m.13 views

kernel: Linux kernel dpaa2-switch: Kernel memory corruption via out-of-bounds write

A flaw was found in the Linux kernel dpaa2-switch driver. This out-of-bounds write vulnerability occurs because the driver does not validate the numifs value reported by the firmware against the DPSWMAXIF limit. A highly privileged attacker, capable of influencing the DPAA2 firmware or management...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References5
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “sh: push-switch: Reorder cleanup operations to avoid use-after-free bug” The original code placed “flushwork” before “timershutdownsync” in “switchdrvremove”. Although we use “flushwork” to stop the worker, it could be reschedul...

8.4CVSS6.2AI score0.00242EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: mlxsw: spectrumacltcam: Fixed incorrect use of the list API. Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call listfirstentry on the respective...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: dsa: don’t leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba, we had a issue where a call to tagops-disconnectdst was issued from dsatreefree, which was called during the tree teardown...

5.5CVSS5.4AI score0.0014EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/06 12:0 a.m.16 views

PT-2026-37545

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write issue exists in the dpaa2-switch driver. The driver retrieves the sw attr.num ifs value from firmware using the dpsw get attributes function without validating it...

7.8CVSS7.2AI score0.00139EPSS
Exploits0
cnnvd
cnnvd
added 2026/05/06 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the dpaa2-switch driver failing to validate the numifs value, potentially leading to out-of-bound...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References1
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-12955

Malicious code in bioql PyPI...

5.6AI score0.0014EPSS
Exploits0References3
nessus
nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50047

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: dsa: mv88e6060: prevent crash on an unused port If the port isn't a CPU port nor a user port, 'cpudp' is a null pointer and a crash happened on dereferenci...

5.5CVSS6.5AI score0.00159EPSS
Exploits0References2
nvd
nvd
added 2025/05/01 3:16 p.m.37 views

CVE-2022-49808

In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba "net: dsa: introduce tagger-owned storage for private and shared data", we had a call to tagops-disconnectdst issued from...

5.5CVSS0.0014EPSS
Exploits0References2
cve
cve
added 2025/05/01 2:9 p.m.59 views

CVE-2022-49808

CVE-2022-49808 concerns the Linux kernel net: dsa teardown path where tagger-owned storage could leak on unbind. The provided description explains the root cause: in the dsa switch teardown path, tag_ops->disconnect was not properly dismantled during normal driver teardown, risking use-after-f...

5.5CVSS6.7AI score0.0014EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2025/05/01 2:9 p.m.41 views

CVE-2022-49808 net: dsa: don't leak tagger-owned storage on switch driver unbind

In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba "net: dsa: introduce tagger-owned storage for private and shared data", we had a call to tagops-disconnectdst issued from...

0.0014EPSS
Exploits0References2
debiancve
debiancve
added 2025/05/01 2:9 p.m.9 views

CVE-2022-49808

In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba "net: dsa: introduce tagger-owned storage for private and shared data", we had a call to tagops-disconnectdst issued from...

5.5CVSS5.6AI score0.0014EPSS
Exploits0
osv
osv
added 2025/05/01 2:9 p.m.22 views

CVE-2022-49808 net: dsa: don't leak tagger-owned storage on switch driver unbind

In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba "net: dsa: introduce tagger-owned storage for private and shared data", we had a call to tagops-disconnectdst issued from...

5.5CVSS5.2AI score0.0014EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2025/03/19 12:0 a.m.9 views

The vulnerability of the tb_port_update_credits() function in the drivers/thunderbolt/switch.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the tbportupdatecredits function in the drivers/thunderbolt/switch.c module of the Linux kernel is related to pointer manipulation. Exploiting this vulnerability could allow an attacker to cause a service failure...

7.5CVSS5.9AI score0.00225EPSS
Exploits0References7Affected Software1
osv
osv
added 2025/02/26 7:0 a.m.49 views

UBUNTU-CVE-2022-49195

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic on shutdown if multi-chip tree failed to probe DSA probing is atypical because a tree of devices must probe all at once, so out of N switches which call dsatreesetuproutingtable during probe, for N - 1 of them...

5.5CVSS5.7AI score0.00245EPSS
Exploits0References7
cnnvd
cnnvd
added 2024/10/21 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly release the cmdbuff in the dpaa2-switch driver when an error occurs in the...

5.5CVSS6.6AI score0.00233EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2024/07/16 12:15 p.m.25 views

CVE-2022-48814

In the Linux kernel, the following vulnerability has been resolved: net: dsa: seville: register the mdiobus under devres As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree...

5.5CVSS5.8AI score0.00268EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2024/07/16 12:15 p.m.18 views

CVE-2022-48815

In the Linux kernel, the following vulnerability has been resolved: net: dsa: bcmsf2: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree will...

5.5CVSS5.9AI score0.00268EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2024/07/16 12:15 p.m.20 views

CVE-2022-48818

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree will...

5.5CVSS5.9AI score0.00273EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2024/07/16 12:15 p.m.23 views

CVE-2022-48813

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree will pan...

5.5CVSS6AI score0.00273EPSS
Exploits0References6
Rows per page
Query Builder