227300 matches found
The vulnerabilities in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel allow a hacker to cause a service failure.
The vulnerability in the net/bluetooth/eir.c and net/bluetooth/mgmt.c modules of Linux kernel systems relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF
A flaw was found in the Linux kernel's eventpoll mechanism. A Use-After-Free UAF vulnerability, where the system attempts to access memory after it has been freed, can occur during the removal of a file. A local attacker could exploit this race condition to corrupt memory, potentially leading to...
kernel: Linux kernel: netfilter: ebtables SNAT target writes to shared memory pages during ARP hardware address rewrite
A flaw was found in the Linux kernel's netfilter bridge ebtables SNAT Source Network Address Translation module. This vulnerability allows a local attacker on a system configured with specific bridge netfilter rules to improperly modify underlying memory pages during an ARP Address Resolution...
kernel: eventpoll: defer struct eventpoll free to RCU grace period
A flaw was found in the Linux kernel's eventpoll component. In certain situations, the epfree function in eventpoll.c can prematurely free the eventpoll data structure while it is still being used by another concurrent thread. This use-after-free UAF vulnerability could allow a local attacker to...
Important: Red Hat Security Advisory: kernel update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
kernel: smb/client: fix out-of-bounds read in smb2_compound_op()
A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...
kernel: eventpoll: defer struct eventpoll free to RCU grace period
A flaw was found in the Linux kernel's eventpoll component. In certain situations, the epfree function in eventpoll.c can prematurely free the eventpoll data structure while it is still being used by another concurrent thread. This use-after-free UAF vulnerability could allow a local attacker to...
kernel: net: mana: Fix double destroy_workqueue on service rescan PCI path
A flaw was found in the Linux kernel's mana network driver. This vulnerability, a use-after-free, occurs when the PCI service rescan path attempts to destroy an already-freed workqueue a second time. A local attacker could exploit this condition to cause a system crash, leading to a denial of...
kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF
A flaw was found in the Linux kernel's eventpoll mechanism. A Use-After-Free UAF vulnerability, where the system attempts to access memory after it has been freed, can occur during the removal of a file. A local attacker could exploit this race condition to corrupt memory, potentially leading to...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
Important: Red Hat Security Advisory: kpatch-patch-5_14_0-427_100_1, kpatch-patch-5_14_0-427_113_1, kpatch-patch-5_14_0-427_126_1, kpatch-patch-5_14_0-427_68_2, and kpatch-patch-5_14_0-427_84_1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...
CVE-2026-53147 vulnerabilities
Vulnerabilities for packages: linux-gcp, linux-qemu, linux-vmware, linux-aws...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()
A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...
kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()
A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...
kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources
A flaw was found in the Linux kernel on ARM processors. A race condition in Translation Lookaside Buffer Invalidation TLBI operations during memory permission changes allows a local attacker to write to memory resources owned by higher privilege levels. This could allow an unprivileged local...
Security Bulletin: IBM Storage Scale System: Vulnerability in Linux kernel crypto subsystem could allow local privilege escalation (CVE-2026-31431)
Summary IBM Storage Scale Systems is affected by a security vulnerability identified in the Linux kernel's cryptographic interface CVE-2026-31431 that could allow a local user with low privileges to escalate to root privileges. The vulnerability has a CVSS score of 7.8 High and requires local...