[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-26586":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":102,"related":103,"reserved_at":9,"published_at":120,"modified_at":121,"state":122,"summary":123,"references_raw":132,"kevs":164,"epss":165,"epss_history":168,"metrics":415,"affected":421},"CVE-2024-26586","In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix stack corruption\n\nWhen tc filters are first added to a net device, the corresponding local\nport gets bound to an ACL group in the device. The group contains a list\nof ACLs. In turn, each ACL points to a different TCAM region where the\nfilters are stored. During forwarding, the ACLs are sequentially\nevaluated until a match is found.\n\nOne reason to place filters in different regions is when they are added\nwith decreasing priorities and in an alternating order so that two\nconsecutive filters can never fit in the same region because of their\nkey usage.\n\nIn Spectrum-2 and newer ASICs the firmware started to report that the\nmaximum number of ACLs in a group is more than 16, but the layout of the\nregister that configures ACL groups (PAGT) was not updated to account\nfor that. It is therefore possible to hit stack corruption [1] in the\nrare case where more than 16 ACLs in a group are required.\n\nFix by limiting the maximum ACL group size to the minimum between what\nthe firmware reports and the maximum ACLs that fit in the PAGT register.\n\nAdd a test case to make sure the machine does not crash when this\ncondition is hit.\n\n[1]\nKernel panic - not syncing: stack-protector: Kernel stack is corrupted in: mlxsw_sp_acl_tcam_group_update+0x116/0x120\n[...]\n dump_stack_lvl+0x36/0x50\n panic+0x305/0x330\n __stack_chk_fail+0x15/0x20\n mlxsw_sp_acl_tcam_group_update+0x116/0x120\n mlxsw_sp_acl_tcam_group_region_attach+0x69/0x110\n mlxsw_sp_acl_tcam_vchunk_get+0x492/0xa20\n mlxsw_sp_acl_tcam_ventry_add+0x25/0xe0\n mlxsw_sp_acl_rule_add+0x47/0x240\n mlxsw_sp_flower_replace+0x1a9/0x1d0\n tc_setup_cb_add+0xdc/0x1c0\n fl_hw_replace_filter+0x146/0x1f0\n fl_change+0xc17/0x1360\n tc_new_tfilter+0x472/0xb90\n rtnetlink_rcv_msg+0x313/0x3b0\n netlink_rcv_skb+0x58/0x100\n netlink_unicast+0x244/0x390\n netlink_sendmsg+0x1e4/0x440\n ____sys_sendmsg+0x164/0x260\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xc0\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100],{"_key":25},"SUSE-SU-2024:0856-1",{"_key":27},"SUSE-SU-2024:0857-1",{"_key":29},"SUSE-SU-2024:0900-2",{"_key":31},"SUSE-SU-2024:0900-1",{"_key":33},"SUSE-SU-2024:0926-1",{"_key":35},"SUSE-SU-2024:0855-1",{"_key":37},"SUSE-SU-2024:0858-1",{"_key":39},"SUSE-SU-2024:0910-1",{"_key":41},"SUSE-SU-2024:0977-1",{"_key":43},"DLA-3841-1",{"_key":45},"SUSE-SU-2025:02334-1",{"_key":47},"DEBIAN-CVE-2024-26586",{"_key":49},"RHSA-2024:1881",{"_key":51},"RHSA-2024:1882",{"_key":53},"RHSA-2024:2006",{"_key":55},"RHSA-2024:2008",{"_key":57},"RHSA-2024:2582",{"_key":59},"RHSA-2024:2585",{"_key":61},"RHSA-2024:2674",{"_key":63},"RHSA-2024:3810",{"_key":65},"RHSA-2024:5101",{"_key":67},"RHSA-2024:5102",{"_key":69},"RHSA-2024:2394",{"_key":71},"RHSA-2024:3414",{"_key":73},"RHSA-2024:3421",{"_key":75},"UBUNTU-CVE-2024-26586",{"_key":77},"USN-6725-1",{"_key":79},"USN-6725-2",{"_key":81},"USN-6818-1",{"_key":83},"USN-6818-3",{"_key":85},"USN-6818-4",{"_key":87},"USN-6819-1",{"_key":89},"USN-6819-3",{"_key":91},"USN-6819-4",{"_key":93},"USN-6896-1",{"_key":95},"USN-6896-2",{"_key":97},"USN-6896-3",{"_key":99},"USN-6896-4",{"_key":101},"USN-6896-5",[],[104,105,106,107,108,109,111,113,115,116,117,118,119],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":110},"USN-6765-1",{"_key":112},"USN-6818-2",{"_key":114},"USN-6819-2",{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":45},"2024-02-22T16:13:31.796Z","2026-05-11T20:00:12.069Z","Modified",{"cisa_kev":124,"cisa_ransomware":124,"cisa_vendor":9,"epss_severity":125,"epss_score":126,"severity":127,"severity_score":128,"severity_version":129,"severity_source":130,"severity_vector":131,"severity_status":122},false,"low",0.0001,"medium",6.7,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",[133,139,143,147,151,155,159],{"url":134,"sources":135,"tags":137},"https://git.kernel.org/stable/c/56750ea5d15426b5f307554e7699e8b5f76c3182",[136,130],"cve.org",[138],"Patch",{"url":140,"sources":141,"tags":142},"https://git.kernel.org/stable/c/348112522a35527c5bcba933b9fefb40a4f44f15",[136,130],[138],{"url":144,"sources":145,"tags":146},"https://git.kernel.org/stable/c/6fd24675188d354b1cad47462969afa2ab09d819",[136,130],[138],{"url":148,"sources":149,"tags":150},"https://git.kernel.org/stable/c/2f5e1565740490706332c06f36211d4ce0f88e62",[136,130],[138],{"url":152,"sources":153,"tags":154},"https://git.kernel.org/stable/c/a361c2c1da5dbb13ca67601cf961ab3ad68af383",[136,130],[138],{"url":156,"sources":157,"tags":158},"https://git.kernel.org/stable/c/483ae90d8f976f8339cf81066312e1329f2d3706",[136,130],[138],{"url":160,"sources":161,"tags":162},"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html",[136,130],[163],"X Transferred",[],{"date":166,"score":126,"percentile":167},"2026-06-03",0.01287,[169,172,175,178,181,184,187,190,193,196,198,201,203,205,207,211,214,217,220,223,226,228,231,234,237,240,243,246,249,252,255,258,261,264,267,269,272,275,278,281,284,286,289,292,295,298,301,303,306,309,312,314,317,320,323,325,327,329,332,334,336,339,341,343,345,347,350,353,356,358,361,363,366,369,371,373,376,379,381,384,386,389,392,395,398,401,404,406,409,412],{"date":170,"score":126,"percentile":171},"2025-11-04",0.00839,{"date":173,"score":126,"percentile":174},"2025-11-05",0.00848,{"date":176,"score":126,"percentile":177},"2025-11-06",0.00852,{"date":179,"score":126,"percentile":180},"2025-11-07",0.00855,{"date":182,"score":126,"percentile":183},"2025-11-08",0.00853,{"date":185,"score":126,"percentile":186},"2025-11-09",0.00851,{"date":188,"score":126,"percentile":189},"2025-11-10",0.00841,{"date":191,"score":126,"percentile":192},"2025-11-11",0.00845,{"date":194,"score":126,"percentile":195},"2025-11-12",0.00844,{"date":197,"score":126,"percentile":195},"2025-11-13",{"date":199,"score":126,"percentile":200},"2025-11-14",0.00847,{"date":202,"score":126,"percentile":183},"2025-11-15",{"date":204,"score":126,"percentile":177},"2025-11-16",{"date":206,"score":126,"percentile":192},"2025-11-17",{"date":208,"score":209,"percentile":210},"2025-11-18",0.00089,0.21576,{"date":212,"score":209,"percentile":213},"2025-11-19",0.21587,{"date":215,"score":209,"percentile":216},"2025-11-20",0.21565,{"date":218,"score":126,"percentile":219},"2025-11-21",0.00864,{"date":221,"score":126,"percentile":222},"2025-11-22",0.00862,{"date":224,"score":126,"percentile":225},"2025-11-23",0.00854,{"date":227,"score":126,"percentile":183},"2025-11-24",{"date":229,"score":126,"percentile":230},"2025-11-25",0.0085,{"date":232,"score":126,"percentile":233},"2025-11-26",0.00833,{"date":235,"score":126,"percentile":236},"2025-11-27",0.00831,{"date":238,"score":126,"percentile":239},"2025-11-28",0.00838,{"date":241,"score":126,"percentile":242},"2025-11-29",0.00857,{"date":244,"score":126,"percentile":245},"2025-11-30",0.00859,{"date":247,"score":126,"percentile":248},"2025-12-01",0.0088,{"date":250,"score":126,"percentile":251},"2025-12-02",0.00874,{"date":253,"score":126,"percentile":254},"2025-12-03",0.00877,{"date":256,"score":126,"percentile":257},"2025-12-04",0.00861,{"date":259,"score":126,"percentile":260},"2025-12-05",0.00867,{"date":262,"score":126,"percentile":263},"2025-12-06",0.00865,{"date":265,"score":126,"percentile":266},"2025-12-07",0.0087,{"date":268,"score":126,"percentile":251},"2025-12-08",{"date":270,"score":126,"percentile":271},"2025-12-09",0.00888,{"date":273,"score":126,"percentile":274},"2025-12-10",0.00898,{"date":276,"score":126,"percentile":277},"2025-12-11",0.00895,{"date":279,"score":126,"percentile":280},"2025-12-12",0.00899,{"date":282,"score":126,"percentile":283},"2025-12-13",0.00755,{"date":285,"score":126,"percentile":283},"2025-12-14",{"date":287,"score":126,"percentile":288},"2025-12-15",0.0075,{"date":290,"score":126,"percentile":291},"2025-12-16",0.00757,{"date":293,"score":126,"percentile":294},"2025-12-17",0.0076,{"date":296,"score":126,"percentile":297},"2025-12-18",0.00758,{"date":299,"score":126,"percentile":300},"2025-12-19",0.00762,{"date":302,"score":126,"percentile":294},"2025-12-20",{"date":304,"score":126,"percentile":305},"2025-12-21",0.00759,{"date":307,"score":126,"percentile":308},"2025-12-22",0.00763,{"date":310,"score":126,"percentile":311},"2025-12-23",0.00761,{"date":313,"score":126,"percentile":308},"2025-12-24",{"date":315,"score":126,"percentile":316},"2025-12-25",0.00766,{"date":318,"score":126,"percentile":319},"2025-12-26",0.00768,{"date":321,"score":126,"percentile":322},"2025-12-27",0.00765,{"date":324,"score":126,"percentile":308},"2025-12-28",{"date":326,"score":126,"percentile":311},"2025-12-29",{"date":328,"score":126,"percentile":305},"2025-12-30",{"date":330,"score":126,"percentile":331},"2025-12-31",0.00756,{"date":333,"score":126,"percentile":300},"2026-01-01",{"date":335,"score":126,"percentile":319},"2026-01-02",{"date":337,"score":126,"percentile":338},"2026-01-03",0.0077,{"date":340,"score":126,"percentile":311},"2026-01-04",{"date":342,"score":126,"percentile":319},"2026-01-05",{"date":344,"score":126,"percentile":322},"2026-01-06",{"date":346,"score":126,"percentile":322},"2026-01-07",{"date":348,"score":126,"percentile":349},"2026-01-08",0.00769,{"date":351,"score":126,"percentile":352},"2026-01-09",0.00777,{"date":354,"score":126,"percentile":355},"2026-01-10",0.0078,{"date":357,"score":126,"percentile":355},"2026-01-11",{"date":359,"score":126,"percentile":360},"2026-01-12",0.00778,{"date":362,"score":126,"percentile":360},"2026-01-13",{"date":364,"score":126,"percentile":365},"2026-01-14",0.00779,{"date":367,"score":126,"percentile":368},"2026-01-15",0.00783,{"date":370,"score":126,"percentile":368},"2026-01-16",{"date":372,"score":126,"percentile":368},"2026-01-17",{"date":374,"score":126,"percentile":375},"2026-01-18",0.00786,{"date":377,"score":126,"percentile":378},"2026-01-19",0.00784,{"date":380,"score":126,"percentile":360},"2026-01-20",{"date":382,"score":126,"percentile":383},"2026-01-21",0.00776,{"date":385,"score":126,"percentile":360},"2026-01-22",{"date":387,"score":126,"percentile":388},"2026-01-23",0.00787,{"date":390,"score":126,"percentile":391},"2026-01-24",0.00792,{"date":393,"score":126,"percentile":394},"2026-01-25",0.00793,{"date":396,"score":126,"percentile":397},"2026-01-26",0.00794,{"date":399,"score":126,"percentile":400},"2026-01-27",0.00798,{"date":402,"score":126,"percentile":403},"2026-01-28",0.00796,{"date":405,"score":126,"percentile":400},"2026-01-29",{"date":407,"score":126,"percentile":408},"2026-01-30",0.00808,{"date":410,"score":126,"percentile":411},"2026-01-31",0.00815,{"date":413,"score":126,"percentile":414},"2026-02-01",0.0082,[416],{"source":130,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":417,"cvss_v4_0":9},{"baseScore":128,"baseSeverity":418,"vectorString":131,"impactScore":419,"exploitabilityScore":420},"MEDIUM",9.8,2.1,[422,451],{"ecosystem":9,"name":423,"vendor":424,"product":424,"cpe_part":425,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":426},"Linux","linux","a",[427,434,437,440,443,446,449],{"version":428,"is_range":429,"range_type":136,"version_start":430,"version_start_type":431,"version_end":432,"version_end_type":433,"fixed_in":9},">= c3ab435466d5109b2c7525a3b90107d4d9e918fc, \u003C 56750ea5d15426b5f307554e7699e8b5f76c3182",true,"c3ab435466d5109b2c7525a3b90107d4d9e918fc","including","56750ea5d15426b5f307554e7699e8b5f76c3182","excluding",{"version":435,"is_range":429,"range_type":136,"version_start":430,"version_start_type":431,"version_end":436,"version_end_type":433,"fixed_in":9},">= c3ab435466d5109b2c7525a3b90107d4d9e918fc, \u003C 348112522a35527c5bcba933b9fefb40a4f44f15","348112522a35527c5bcba933b9fefb40a4f44f15",{"version":438,"is_range":429,"range_type":136,"version_start":430,"version_start_type":431,"version_end":439,"version_end_type":433,"fixed_in":9},">= c3ab435466d5109b2c7525a3b90107d4d9e918fc, \u003C 6fd24675188d354b1cad47462969afa2ab09d819","6fd24675188d354b1cad47462969afa2ab09d819",{"version":441,"is_range":429,"range_type":136,"version_start":430,"version_start_type":431,"version_end":442,"version_end_type":433,"fixed_in":9},">= c3ab435466d5109b2c7525a3b90107d4d9e918fc, \u003C 2f5e1565740490706332c06f36211d4ce0f88e62","2f5e1565740490706332c06f36211d4ce0f88e62",{"version":444,"is_range":429,"range_type":136,"version_start":430,"version_start_type":431,"version_end":445,"version_end_type":433,"fixed_in":9},">= c3ab435466d5109b2c7525a3b90107d4d9e918fc, \u003C a361c2c1da5dbb13ca67601cf961ab3ad68af383","a361c2c1da5dbb13ca67601cf961ab3ad68af383",{"version":447,"is_range":429,"range_type":136,"version_start":430,"version_start_type":431,"version_end":448,"version_end_type":433,"fixed_in":9},">= c3ab435466d5109b2c7525a3b90107d4d9e918fc, \u003C 483ae90d8f976f8339cf81066312e1329f2d3706","483ae90d8f976f8339cf81066312e1329f2d3706",{"version":450,"is_range":124,"range_type":136,"version_start":450,"version_start_type":431,"version_end":450,"version_end_type":431,"fixed_in":9},"4.19",{"ecosystem":9,"name":452,"vendor":424,"product":453,"cpe_part":454,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":455},"linux kernel","linux_kernel","o",[456,461,465,469,473],{"version":457,"is_range":429,"range_type":458,"version_start":459,"version_start_type":431,"version_end":460,"version_end_type":433,"fixed_in":9},"gte4.19.0_lt5.10.209","cpe","4.19.0","5.10.209",{"version":462,"is_range":429,"range_type":458,"version_start":463,"version_start_type":431,"version_end":464,"version_end_type":433,"fixed_in":9},"gte5.11.0_lt5.15.148","5.11.0","5.15.148",{"version":466,"is_range":429,"range_type":458,"version_start":467,"version_start_type":431,"version_end":468,"version_end_type":433,"fixed_in":9},"gte5.16.0_lt6.1.79","5.16.0","6.1.79",{"version":470,"is_range":429,"range_type":458,"version_start":471,"version_start_type":431,"version_end":472,"version_end_type":433,"fixed_in":9},"gte6.2.0_lt6.6.14","6.2.0","6.6.14",{"version":474,"is_range":429,"range_type":458,"version_start":475,"version_start_type":431,"version_end":476,"version_end_type":433,"fixed_in":9},"gte6.7.0_lt6.7.2","6.7.0","6.7.2"]