8 matches found
CVE-2024-50085
No further technical details about CVE-2024-50085 are provided in the connected Astra Linux bulletin or Nessus entries. Public details are limited to the initial description; monitor for vendor advisories and kernel patches for affected components.
CVE-2024-56717
CVE-2024-56717 affects the Linux kernel, specifically the net: mscc: ocelot driver. The vulnerability stems from an incorrect IFH SRC_PORT field in ocelot_ifh_set_basic(), where the code called with BIT_ULL(x) instead of the port index x. This caused the SRC_PORT to not correspond to the CPU port...
CVE-2025-38512
Intel/summary (CVE-2025-38512) The Linux kernel patch for wifi A-MSDU spoofing in mesh networks fixes a vulnerability where an A‑MSDU could be incorrectly parsed as a standard MSDU. The mitigation detects this by parsing a received A‑MSDU as MSDU, computing the Mesh Control header length, and ver...
CVE-2026-45859
The CVE-2026-45859 entry describes a Linux kernel netfilter nfnetlink_queue issue where a shared-unconfirmed nf_conn entry is not checked before segmentation, causing UDP packets to be dropped instead of queued when F_GSO is not set and a GSO packet arrives. The regression arose due to the check ...
CVE-2026-45901
The CVE-2026-45901 issue affects the Linux kernel netfilter nf_tables implementation. The root cause is a circular lock dependency among commit_mutex, nfnl_subsys_ipset, and nlk_cb_mutex that can occur when nft reset, ipset list, and iptables-nft with a -m set rule run concurrently, potentially l...
CVE-2026-45849
The CVE-2026-45849 issue affects the Linux kernel’s mscc: ocelot network driver. The vulnerability occurred because ocelot_port_xmit_inj() invoked ocelot_can_inject() and ocelot_port_inject_frame() without holding the injection group lock, despite lockdep_assert_held() checks in those functions. ...
CVE-2026-45897
The CVE-2026-45897 entry concerns the Linux kernel netfilter nft_counter: serialize reset with spinlock vulnerability. A global static spinlock was added to serialize concurrent counter fetch+reset operations, preventing two parallel resets from underrunning values when dumping and resetting coun...
CVE-2026-43252
CVE-2026-43252 concerns the Linux kernel MPTCP subsystem (Multiswitch TCP). The issue arises in the in-kernel MPTCP path for removing endpoints, where code path __mark_subflow_endp_available/mptcp_pm_nl_fullmesh/mptcp_pm_nl_set_flags_all/mptcp_pm_nl_set_flags can trigger a kernel warning when a s...