65 matches found
CVE-2026-23304
A flaw was found in the Linux kernel. A local attacker could cause a null pointer dereference in the IPv6 routing subsystem when a slave device is being un-slaved from a Virtual Routing and Forwarding VRF instance. This vulnerability can lead to a system crash, resulting in a denial of service...
SUSE CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...
EUVD-2026-15242
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...
CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...
CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...
UBUNTU-CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...
CVE-2026-23304
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal with this, but we lost the fallback to loopback in ip6rtpcpualloc -...
CVE-2026-23304
The connected advisories confirm CVE-2026-23304 affects the Linux kernel IPv6 routing code. Root cause: l3mdev_master_dev_rcu() can return NULL when a slave device is un-slaved from a VRF, and ip6_rt_get_dev_rcu() used by ip6_rt_pcpu_alloc() did not fall back to loopback, causing a NULL pointer d...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from failing to handle the unbinding of slave devices from the VRF context. This vulnerability may lead to...
Linux Distros Unpatched Vulnerability : CVE-2026-23304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv6: fix NULL pointer deref in ip6rtgetdevrcu l3mdevmasterdevrcu can return NULL when the slave device is being un-slaved from a VRF. All other callers deal wi...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49980)
"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49980 advisory. - In the Linux kernel, the following vulnerability has been resolved: vrf: revert vrf: Remove unnecessary...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21791)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21791 advisory. - In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdevl3out...
Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-56838)
Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-56840)
Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements Used in a Command (CVE-2024-56836)
Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2024-56835)
Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
PT-2026-27669
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ipv6 subsystem, specifically within the ip6 rt get dev rcu function. The issue arises when the l3mdev master dev rcu function returns NULL during...
CVE-2024-56839
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...
EUVD-2024-55305
A vulnerability has been identified in RUGGEDCOM ROX II family All versions V2.17.0. Code injection can be achieved when the affected device is using VRF Virtual Routing and Forwarding. An attacker could leverage this scenario to execute arbitrary code as root user...
CVE-2024-56839
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.0, RUGGEDCOM ROX MX5000RE All versions V2.17.0, RUGGEDCOM ROX RX1400 All versions V2.17.0, RUGGEDCOM ROX RX1500 All versions V2.17.0, RUGGEDCOM ROX RX1501 All versions V2.17.0, RUGGEDCOM ROX RX1510 All versions V2.17.0...