134 matches found
SUSE CVE-2026-43012
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Harden uplink netdev access against device unbind The function mlx5uplinknetdevget gets the uplink netdevice pointer from mdev-mlx5eres.uplinknetdev. However, the netdevice can be removed and its pointer cleared when...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Disabled MACsec offload for uplink representative profiles MACsec offload is not supported in the switchdev mode for uplink representatives. When switching to the uplink representative profile, the MACsec offload...
CVE-2026-43012
A flaw was found in the Linux kernel's net/mlx5 driver. This vulnerability occurs when the switchdev mode fails to initialize or transition correctly, leading to an improper rollback to legacy mode. During this rollback, the system attempts to unregister an already unregistered uplink network...
CVE-2026-43012
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...
EUVD-2026-26611
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...
CVE-2026-43012
CVE-2026-43012 refers to a Linux kernel issue in the net/mlx5 driver where a failed switchdev mode rollback could cause a kernel panic during an attempted rollback to legacy mode. The public descriptions from NVD/SUSE/Red Hat detail that if switchdev mode initialization/transition fails, the code...
CVE-2026-43012
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mlx5 driver not setting the rollback flag correctly during switchdev mode rollback, which could result i...
PT-2026-36429
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix switchdev mode rollback in case of failure If for some internal reason switchdev mode fails, we rollback to legacy mode, before this patch, rollback will unregister the uplink netdev and leave it unregistered causin...
CVE-2026-30075
OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response For example 100 byte. The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes o...
EUVD-2026-20509
OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response For example 100 byte. The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes o...
CVE-2026-30075
OpenAirInterface Version 2.2.0 has a Buffer Overflow vulnerability in processing UplinkNASTransport containing Authentication Response containing a NAS PDU with oversize response For example 100 byte. The response is decoded by AMF and passed to the AUSF component for verification. AUSF crashes o...
OpenAirInterface 安全漏洞
OpenAirInterface is a mobile communication network software platform developed by the French company OpenAirInterface. Version 2.2.0 of OpenAirInterface contains a security vulnerability. This vulnerability stems from a buffer overflow issue when processing UplinkNASTransport messages that contai...
CVE-2026-30075
OpenAirInterface 2.2.0 is affected by a buffer overflow in processing UplinkNASTransport containing an Authentication Response with an oversize NAS PDU (example around 100 bytes). The overflow is decoded by the AMF and passed to the AUSF for verification; AUSF crashes when receiving this oversize...
Endian Firewall NAME Parameter Cross-Site Scripting Vulnerability
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall NAME parameter, which originates from improperly cleaning up the input of the NAME parameter in /cgi-bin/uplinkeditor.cgi, and can be exploited by an attacker to...
EUVD-2026-18282
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the NAME parameter to /cgi-bin/uplinkeditor.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
CVE-2026-34800
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the NAME parameter to /cgi-bin/uplinkeditor.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
Endian Firewall 跨站脚本漏洞
Endian Firewall is a network security firewall system from Endian. A cross-site scripting vulnerability exists in the Endian Firewall NAME parameter, which originates from improperly cleaning up the input of the NAME parameter in /cgi-bin/uplinkeditor.cgi, and can be exploited by an attacker to...
SUSE CVE-2026-33283
Ella Core is a 5G core designed for private networks. Versions prior to 1.6.0 panic when processing malformed UL NAS Transport NAS messages without a Request Type. An attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected...