Lucene search
+L

12155 matches found

cve
cve
added 2026/06/26 7:40 p.m.15 views

CVE-2026-53292

Summary (CVE-2026-53292): The Linux kernel phonet subsystem contains a flaw in pn_socket_autobind() where, if pn_socket_bind() returns -EINVAL while the socket was never bound (pn_port() == 0) and sk states are not TCP_CLOSE, a BUG_ON() triggers a kernel panic from a user-triggerable path. The pa...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
redhatcve
redhatcve
added 2026/06/26 7:0 p.m.14 views

CVE-2026-53054

A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically within the Qualcomm Adreno GPU MSM driver. An incorrect argument in the VMBIND UNMAP locking mechanism meant that certain objects involved in unmapping operations were not consistently locked. This could...

7.8CVSS5.9AI score0.00127EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/06/26 10:41 a.m.5 views

CVE-2026-13325 Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS5.8AI score0.00175EPSS
Exploits0References2
euvd
euvd
added 2026/06/26 10:41 a.m.6 views

EUVD-2026-39645

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS5.8AI score0.00175EPSS
Exploits0References2
cve
cve
added 2026/06/26 10:41 a.m.20 views

CVE-2026-13325

The CVE-2026-13325 issue affects KubeVirt’s migration proxy. When spec.configuration.migrations.disableTLS is set to true, the target virt-handler binds a plain TCP listener on all interfaces (0.0.0.0/::) on a random port with no authentication, peer allow-list, or handshake token. This listener ...

8.5CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software2
f5
f5
added 2026/06/26 3:3 a.m.12 views

K000161919: BIND vulnerability CVE-2026-5947

Security Advisory Description Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as...

7.5CVSS5.8AI score0.01387EPSS
Exploits0
redhatcve
redhatcve
added 2026/06/26 1:11 a.m.7 views

CVE-2026-53233

A flaw was found in the Linux kernel. A double-free vulnerability exists within the netdevnlbindrxdoit function, which is responsible for binding network device receive operations. This vulnerability arises when genlmsgreply consumes the socket buffer skb, and the error handling path subsequently...

7.8CVSS6.2AI score0.00138EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.9 views

PT-2026-52931

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the phonet network component where the pn socket autobind function incorrectly handles a failed bind operation. When pn socket bind returns an -EINVAL error, the syste...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References15
nessus
nessus
added 2026/06/26 12:0 a.m.9 views

Oracle Linux 9 : bind (ELSA-2026-24367)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-24367 advisory. - Fix GSS-API resource leak CVE-2026-3039 - Invalid handling of CLASS != IN CVE-2026-5946 Tenable has extracted the preceding description block direct...

7.5CVSS5.8AI score0.0181EPSS
Exploits0References3
nessus
nessus
added 2026/06/26 12:0 a.m.11 views

SUSE SLES15 Security Update : bind (SUSE-SU-2026:2616-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2616-1 advisory. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3039: BIND 9 server memory...

7.5CVSS5.9AI score0.0181EPSS
Exploits0References10
nessus
nessus
added 2026/06/26 12:0 a.m.11 views

SUSE SLES16: bind / bind-doc / bind-modules-generic / bind-modules-ldap / etc (SUSE-SU-2026:22198-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22198-1 advisory. This update for bind fixes the following issues Upgrade to release 9.20.23: - CVE-2026-3039: BIND 9 server memory exhaustion durin...

9.8CVSS5.8AI score0.01844EPSS
Exploits1References19
nessus
nessus
added 2026/06/26 12:0 a.m.7 views

SUSE SLES15 Security Update : bind (SUSE-SU-2026:2617-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2617-1 advisory. - CVE-2026-3592: Amplification vulnerabilities via self-pointed glue records bsc1265592. - CVE-2026-3039: BIND 9 server memory...

7.5CVSS5.8AI score0.0181EPSS
Exploits0References10
osv
osv
added 2026/06/25 10:34 p.m.4 views

GO-2026-5617 Docker: Race condition in docker cp allows bind mount redirection to host path in github.com/docker/docker

Docker: Race condition in docker cp allows bind mount redirection to host path in github.com/docker/docker...

7.2CVSS5.8AI score0.00104EPSS
Exploits0References2
osv
osv
added 2026/06/25 10:43 a.m.4 views

RHSA-2026:29110 Red Hat Security Advisory: bind security update

Bulletin has no description...

7.5CVSS7.4AI score0.01545EPSS
Exploits0References11
nvd
nvd
added 2026/06/25 9:16 a.m.11 views

CVE-2026-53233

In the Linux kernel, the following vulnerability has been resolved: netdev: fix double-free in netdevnlbindrxdoit Sashiko flags that genlmsgreply always consumes the skb. The error path calls nlmsgfreersp so we can't jump directly to it. Let's not unbind, just propagate the error to the user. Thi...

7.8CVSS0.00138EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.11 views

PT-2026-52328

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue exists in the netdev nl bind rx doit function. This occurs because genlmsg reply always consumes the socket buffer skb, but the error path incorrectly calls nlmsg...

7.8CVSS6.2AI score0.00138EPSS
Exploits0References17
cvelist
cvelist
added 2026/06/24 4:29 p.m.46 views

CVE-2026-53054 drm/msm: Fix VM_BIND UNMAP locking

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix VMBIND UNMAP locking Wrong argument meant that the objs involved in UNMAP ops were not always getting locked. Since NOSHARE objs share a common resv with the VM which is always locked this would only show up with...

7.8CVSS0.00127EPSS
Exploits0References3
cve
cve
added 2026/06/24 4:29 p.m.8 views

CVE-2026-53054

CVE-2026-53054 affects the Linux kernel DRM subsystem for Qualcomm Adreno (MSM) where an incorrect argument in VM_BIND UNMAP locking caused certain objects involved in UNMAP operations to not be consistently locked. The issue could impact system stability, particularly for non-NO_SHARE buffer obj...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References3
osv
osv
added 2026/06/24 4:29 p.m.4 views

CVE-2026-53054 drm/msm: Fix VM_BIND UNMAP locking

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix VMBIND UNMAP locking Wrong argument meant that the objs involved in UNMAP ops were not always getting locked. Since NOSHARE objs share a common resv with the VM which is always locked this would only show up with...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References6
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: idxd: Fixed device leaks during the compat bind and unbind operations. Make sure to remove the references to the idxd device when using the compat bind and unbind sysfs interfaces...

5.5CVSS6AI score0.00193EPSS
Exploits0References3
Rows per page
Query Builder