Lucene search
K

226257 matches found

NVD
NVD
added last week8 views

CVE-2026-52920

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtpolicy: fix strict mode inbound policy matching matchpolicyin walks secpath entries from the last transform to the first one, but strict policy matching needs to consume info-pol in the same forward order as the rule...

8.3CVSS0.00299EPSS
Exploits0References8
NVD
NVD
added last week7 views

CVE-2026-52912

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

7.8CVSS0.00142EPSS
Exploits0References8
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52915

In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6thbh: reject oversized option lists struct ip6topts stores at most IP6TOPTSOPTSNR option descriptors, but hbhmt6check does not reject larger optsnr values supplied from userspace. Validate optsnr in the rule setup...

7.1CVSS5.6AI score0.00126EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52912

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

7.8CVSS5.6AI score0.00142EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52913

In the Linux kernel, the following vulnerability has been resolved: batman-adv: v: stop OGMv2 on disabled interface When a batadvhardiface is disabled, its meshiface pointer is set to NULL. However, batadvvogmsendmeshif may still dispatch OGMs via batadvvogmqueueonif for interfaces that have sinc...

5.7AI score0.00176EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52922

In the Linux kernel, the following vulnerability has been resolved: batman-adv: dat: handle forward allocation error batadvdatforwarddata calls pskbcopyforclone to duplicate an skb for each DHT candidate, but does not check the return value before passing it to batadvsendskbprepareunicast4addr...

7.5CVSS5.7AI score0.00394EPSS
Exploits0References11
OSV
OSV
added last week3 views

UBUNTU-CVE-2026-52935

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52942

In the Linux kernel, the following vulnerability has been resolved: netfilter: nflog: validate MAC header was set before dumping it The fallback path of dumpmacheader guards the MAC header access only with "skb-macheader != skb-networkheader", without checking skbmacheaderwasset. When the MAC...

7.1CVSS5.6AI score0.00123EPSS
Exploits0References10
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52926

In the Linux kernel, the following vulnerability has been resolved: batman-adv: clear current gateway during teardown batadvgwnodefree removes the gateway list entries during mesh teardown, but it does not clear the currently selected gateway. This leaves stale gateway state behind across cleanup...

5.6AI score0.00164EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52936

In the Linux kernel, the following vulnerability has been resolved: crypto: jitterentropy - replace long-held spinlock with mutex jentkcapirandom serializes the shared jitterentropy state, but it currently holds a spinlock across the jentreadentropy call. That path performs expensive jitter...

5.6AI score0.00156EPSS
Exploits0References8
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52920

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtpolicy: fix strict mode inbound policy matching matchpolicyin walks secpath entries from the last transform to the first one, but strict policy matching needs to consume info-pol in the same forward order as the rule...

8.3CVSS5.6AI score0.00299EPSS
Exploits0References11
OSV
OSV
added last week3 views

UBUNTU-CVE-2026-52923

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

7.8CVSS5.6AI score0.00123EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52932

In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the outfreereq label up by a couple of lines so that the allocated dst SG list gets freed on error as well as success...

7.5CVSS5.6AI score0.00339EPSS
Exploits0References6
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

7.1CVSS5.6AI score0.00126EPSS
Exploits0References11
OSV
OSV
added last week5 views

UBUNTU-CVE-2026-52914

In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments and uses it to validate a fragment chain before reassembly. That accounting currently allows the accumulated...

9.8CVSS5.6AI score0.00519EPSS
Exploits0References11
OSV
OSV
added last week4 views

UBUNTU-CVE-2026-52931

In the Linux kernel, the following vulnerability has been resolved: batman-adv: tpmeter: avoid use of uninit sender vars batadvtprecvack and batadvtpstop are only valid for tpvars in the BATADVTPSENDER role. When called with a BATADVTPRECEIVER role, it proceeds to read sender-only members that we...

9.8CVSS5.7AI score0.00404EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52921

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash: range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last...

5.6AI score0.00164EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52918

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize acceptq access btsockpoll walks the accept queue without synchronization, while child teardown can unlink the same socket and drop its last reference. The unsynchronized accept queue walk has existed since th...

8.8CVSS5.6AI score0.00266EPSS
Exploits0References11
OSV
OSV
added last week2 views

UBUNTU-CVE-2026-52939

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...

5.7AI score0.00164EPSS
Exploits0References11
OSV
OSV
added last week3 views

UBUNTU-CVE-2026-52929

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

7.5CVSS5.6AI score0.00394EPSS
Exploits0References11
Rows per page
Query Builder