cvelistv5 - cve-2026-23310

CVE-2026-23310 (GCVE-0-2026-23310)

Vulnerability from cvelistv5

Published

2026-03-25 10:27

Modified

2026-04-13 06:04

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded bond_option_mode_set() already rejects mode changes that would make a loaded XDP program incompatible via bond_xdp_check(). However, bond_option_xmit_hash_policy_set() has no such guard. For 802.3ad and balance-xor modes, bond_xdp_check() returns false when xmit_hash_policy is vlan+srcmac, because the 802.1q payload is usually absent due to hardware offload. This means a user can: 1. Attach a native XDP program to a bond in 802.3ad/balance-xor mode with a compatible xmit_hash_policy (e.g. layer2+3). 2. Change xmit_hash_policy to vlan+srcmac while XDP remains loaded. This leaves bond->xdp_prog set but bond_xdp_check() now returning false for the same device. When the bond is later destroyed, dev_xdp_uninstall() calls bond_xdp_set(dev, NULL, NULL) to remove the program, which hits the bond_xdp_check() guard and returns -EOPNOTSUPP, triggering: WARN_ON(dev_xdp_install(dev, mode, bpf_op, NULL, 0, NULL)) Fix this by rejecting xmit_hash_policy changes to vlan+srcmac when an XDP program is loaded on a bond in 802.3ad or balance-xor mode. commit 39a0876d595b ("net, bonding: Disallow vlan+srcmac with XDP") introduced bond_xdp_check() which returns false for 802.3ad/balance-xor modes when xmit_hash_policy is vlan+srcmac. The check was wired into bond_xdp_set() to reject XDP attachment with an incompatible policy, but the symmetric path -- preventing xmit_hash_policy from being changed to an incompatible value after XDP is already loaded -- was left unguarded in bond_option_xmit_hash_policy_set(). Note: commit 094ee6017ea0 ("bonding: check xdp prog when set bond mode") later added a similar guard to bond_option_mode_set(), but bond_option_xmit_hash_policy_set() remained unprotected.

References

URL

CERTFR-2026-AVI-0376

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Microsoft	CBL Mariner	cbl2 telegraf 1.29.4-21 versions antérieures à 1.29.4-22
Microsoft	Azure Linux	azl3 glibc 2.38-18 versions antérieures à 2.38-19
Microsoft	Azure Linux	azl3 squid 6.13-3 versions antérieures à 6.13-4
Microsoft	Azure Linux	azl3 python-pyasn1 0.4.8-1 versions antérieures à 0.4.8-2
Microsoft	Azure Linux	azl3 nginx 1.28.2-1 versions antérieures à 1.28.3-1
Microsoft	CBL Mariner	cbl2 ncurses 6.4-3 versions antérieures à 6.4-4
Microsoft	Azure Linux	azl3 kernel 6.6.126.1-1 versions antérieures à 6.6.130.1-1
Microsoft	Azure Linux	azl3 ncurses 6.4-2 versions antérieures à 6.4-3
Microsoft	CBL Mariner	cbl2 terraform 1.3.2-29 versions antérieures à 1.3.2-30
Microsoft	Azure Linux	azl3 libsoup 3.4.4-12 versions antérieures à 3.4.4-14
Microsoft	Azure Linux	azl3 etcd 3.5.21-1 versions antérieures à 3.5.28-1

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft CVE-2026-32748	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4438	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23347	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23268	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23392	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23319	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23253	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23296	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23364	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23368	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27654	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-30922	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23286	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23396	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23340	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23324	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33515	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23318	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23379	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23317	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27784	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23359	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23245	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23269	2026-03-20	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23298	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23304	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23370	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23100	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23271	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23352	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33343	2026-03-28	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4437	2026-03-22	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23343	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33413	2026-03-28	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23246	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23279	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23244	2026-03-19	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23367	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23307	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23398	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2025-69720	2026-03-25	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-28755	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23300	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23381	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23356	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23351	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23277	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23315	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-4645	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-33526	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23382	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23310	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23306	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23336	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-2369	2026-03-25	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23391	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23290	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23312	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23388	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23390	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23303	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23289	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23293	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-27651	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23291	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-28753	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23334	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-32647	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23397	2026-03-27	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23281	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23365	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23285	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23292	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23284	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23395	2026-03-26	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23274	2026-03-21	vendor-advisory
Bulletin de sécurité Microsoft CVE-2026-23357	2026-03-26	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "cbl2 telegraf 1.29.4-21 versions ant\u00e9rieures \u00e0 1.29.4-22",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 glibc 2.38-18 versions ant\u00e9rieures \u00e0 2.38-19",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 squid 6.13-3 versions ant\u00e9rieures \u00e0 6.13-4",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 python-pyasn1 0.4.8-1 versions ant\u00e9rieures \u00e0 0.4.8-2",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 nginx 1.28.2-1 versions ant\u00e9rieures \u00e0 1.28.3-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "cbl2 ncurses 6.4-3 versions ant\u00e9rieures \u00e0 6.4-4",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 kernel 6.6.126.1-1 versions ant\u00e9rieures \u00e0 6.6.130.1-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 ncurses 6.4-2 versions ant\u00e9rieures \u00e0 6.4-3",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "cbl2 terraform 1.3.2-29 versions ant\u00e9rieures \u00e0 1.3.2-30",
      "product": {
        "name": "CBL Mariner",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 libsoup 3.4.4-12 versions ant\u00e9rieures \u00e0 3.4.4-14",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "azl3 etcd 3.5.21-1 versions ant\u00e9rieures \u00e0 3.5.28-1",
      "product": {
        "name": "Azure Linux",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-23318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23318"
    },
    {
      "name": "CVE-2026-23368",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23368"
    },
    {
      "name": "CVE-2026-23281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23281"
    },
    {
      "name": "CVE-2026-32647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32647"
    },
    {
      "name": "CVE-2026-23269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23269"
    },
    {
      "name": "CVE-2026-23293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23293"
    },
    {
      "name": "CVE-2026-23290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23290"
    },
    {
      "name": "CVE-2026-27651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27651"
    },
    {
      "name": "CVE-2026-23303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23303"
    },
    {
      "name": "CVE-2026-27654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27654"
    },
    {
      "name": "CVE-2026-23340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23340"
    },
    {
      "name": "CVE-2026-23253",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23253"
    },
    {
      "name": "CVE-2026-33343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33343"
    },
    {
      "name": "CVE-2026-23271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23271"
    },
    {
      "name": "CVE-2026-23268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23268"
    },
    {
      "name": "CVE-2026-23285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23285"
    },
    {
      "name": "CVE-2026-23304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23304"
    },
    {
      "name": "CVE-2026-23357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23357"
    },
    {
      "name": "CVE-2026-4645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4645"
    },
    {
      "name": "CVE-2026-23324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23324"
    },
    {
      "name": "CVE-2026-23347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23347"
    },
    {
      "name": "CVE-2026-28755",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28755"
    },
    {
      "name": "CVE-2026-23317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23317"
    },
    {
      "name": "CVE-2026-23334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23334"
    },
    {
      "name": "CVE-2026-23391",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23391"
    },
    {
      "name": "CVE-2026-23319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23319"
    },
    {
      "name": "CVE-2026-23279",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23279"
    },
    {
      "name": "CVE-2026-23244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23244"
    },
    {
      "name": "CVE-2026-23246",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23246"
    },
    {
      "name": "CVE-2026-30922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
    },
    {
      "name": "CVE-2026-23286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23286"
    },
    {
      "name": "CVE-2026-23359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23359"
    },
    {
      "name": "CVE-2026-23298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23298"
    },
    {
      "name": "CVE-2026-23296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23296"
    },
    {
      "name": "CVE-2026-23396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23396"
    },
    {
      "name": "CVE-2026-23370",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23370"
    },
    {
      "name": "CVE-2026-23315",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23315"
    },
    {
      "name": "CVE-2026-23352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23352"
    },
    {
      "name": "CVE-2026-23367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23367"
    },
    {
      "name": "CVE-2026-32748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32748"
    },
    {
      "name": "CVE-2026-23300",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23300"
    },
    {
      "name": "CVE-2026-23379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23379"
    },
    {
      "name": "CVE-2026-23381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23381"
    },
    {
      "name": "CVE-2026-23392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23392"
    },
    {
      "name": "CVE-2026-23245",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23245"
    },
    {
      "name": "CVE-2026-4438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4438"
    },
    {
      "name": "CVE-2026-23364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23364"
    },
    {
      "name": "CVE-2026-23274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23274"
    },
    {
      "name": "CVE-2026-23284",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23284"
    },
    {
      "name": "CVE-2026-23397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23397"
    },
    {
      "name": "CVE-2026-23343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23343"
    },
    {
      "name": "CVE-2026-23336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23336"
    },
    {
      "name": "CVE-2025-69720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69720"
    },
    {
      "name": "CVE-2026-23289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23289"
    },
    {
      "name": "CVE-2026-23292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23292"
    },
    {
      "name": "CVE-2026-23277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23277"
    },
    {
      "name": "CVE-2026-4437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4437"
    },
    {
      "name": "CVE-2026-27784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27784"
    },
    {
      "name": "CVE-2026-23388",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23388"
    },
    {
      "name": "CVE-2026-28753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-28753"
    },
    {
      "name": "CVE-2026-33526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33526"
    },
    {
      "name": "CVE-2026-23310",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23310"
    },
    {
      "name": "CVE-2026-2369",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2369"
    },
    {
      "name": "CVE-2026-33515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33515"
    },
    {
      "name": "CVE-2026-23395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23395"
    },
    {
      "name": "CVE-2026-23100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23100"
    },
    {
      "name": "CVE-2026-23306",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23306"
    },
    {
      "name": "CVE-2026-33413",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33413"
    },
    {
      "name": "CVE-2026-23291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23291"
    },
    {
      "name": "CVE-2026-23382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23382"
    },
    {
      "name": "CVE-2026-23312",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23312"
    },
    {
      "name": "CVE-2026-23365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23365"
    },
    {
      "name": "CVE-2026-23356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23356"
    },
    {
      "name": "CVE-2026-23307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23307"
    },
    {
      "name": "CVE-2026-23398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23398"
    },
    {
      "name": "CVE-2026-23351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23351"
    },
    {
      "name": "CVE-2026-23390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23390"
    }
  ],
  "initial_release_date": "2026-03-30T00:00:00",
  "last_revision_date": "2026-03-30T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0376",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-03-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Microsoft. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Microsoft",
  "vendor_advisories": [
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32748",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4438",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23347",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23268",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23392",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23319",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23253",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23296",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23364",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23368",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27654",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-30922",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23286",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23396",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23396"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23340",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23340"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23324",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23324"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33515",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33515"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23318",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23318"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23379",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23379"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23317",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23317"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27784",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27784"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23359",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23359"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23245",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23245"
    },
    {
      "published_at": "2026-03-20",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23269",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23269"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23298",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23298"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23304",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23304"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23370",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23370"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23100",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23100"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23271",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23271"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23352",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23352"
    },
    {
      "published_at": "2026-03-28",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33343",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33343"
    },
    {
      "published_at": "2026-03-22",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4437",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4437"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23343",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23343"
    },
    {
      "published_at": "2026-03-28",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33413",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33413"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23246",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23246"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23279",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23279"
    },
    {
      "published_at": "2026-03-19",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23244",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23244"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23367",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23367"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23307",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23307"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23398",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23398"
    },
    {
      "published_at": "2026-03-25",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2025-69720",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-69720"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28755",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28755"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23300",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23300"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23381",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23381"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23356",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23356"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23351",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23351"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23277",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23277"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23315",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23315"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-4645",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4645"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-33526",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33526"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23382",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23382"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23310",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23310"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23306",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23306"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23336",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23336"
    },
    {
      "published_at": "2026-03-25",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-2369",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-2369"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23391",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23391"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23290",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23290"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23312",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23312"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23388",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23388"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23390",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23390"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23303",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23303"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23289",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23289"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23293",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23293"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-27651",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27651"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23291",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23291"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-28753",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28753"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23334",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23334"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-32647",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32647"
    },
    {
      "published_at": "2026-03-27",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23397",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23397"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23281",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23281"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23365",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23365"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23285",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23285"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23292",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23292"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23284",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23284"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23395",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23395"
    },
    {
      "published_at": "2026-03-21",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23274",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23274"
    },
    {
      "published_at": "2026-03-26",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft CVE-2026-23357",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23357"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted