Lucene search
K

93 matches found

CVE
CVE
added 2026/06/25 8:38 a.m.17 views

CVE-2026-53153

CVE-2026-53153 affects the Linux kernel memcg list_lru path. A race during memcg_reparent_list_lrus() clears the dying memcg’s xarray entry before reparenting per-node lists, letting concurrent list_lru_del/walk operate on the parent and corrupt next/prev pointers. The fix reverses the order: rep...

7.8CVSS5.8AI score0.00106EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.28 views

CVE-2026-53071 Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2capecredreconfrsp l2capecredreconfrsp calls l2capchandel without holding l2capchanlock. Every other l2capchandel caller in the file acquires the lock first. A remote BLE device can sen...

8.8CVSS0.00266EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.16 views

CVE-2026-53071

CVE-2026-53071 concerns the Linux kernel Bluetooth L2CAP implementation. The flaw arises when l2cap_ecred_reconf_rsp() deletes a channel without holding l2cap_chan_lock(), unlike other callers which acquire the lock first. This can allow a remote BLE device to corrupt the channel list while anoth...

8.8CVSS5.8AI score0.00266EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-51121

Name of the Vulnerable Software and Affected Versions SpiceDB versions prior to 1.54.0 Description Under concurrency, the CheckPermission and CheckBulkPermissions functions can incorrectly return PERMISSIONSHIP HAS PERMISSION instead of PERMISSIONSHIP CONDITIONAL PERMISSION for a specific resourc...

3.7CVSS5.9AI score
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.20 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability arises from the vgicitsinvalidatecache function, which incorrectly places an iteration pointer ...

9.3CVSS5.3AI score0.00197EPSS
Exploits0References1
CVE
CVE
added 2026/05/29 7:30 p.m.41 views

CVE-2026-45151

NanoMQ (0.24.8 and earlier) contains a NULL substream pointer dereference in quic_stream_recv when a substream is reopening. The vulnerable code finishes AIO with an error but does not return before locking c->mtx, indicating a potential NULL dereference and an unlocked/locked state issue in t...

6.3CVSS5.9AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46210

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/05/26 4:31 p.m.22 views

CVE-2026-43981

CVE-2026-43981 affects Algernon, a small self-contained Go web server. In versions prior to 1.17.6, a race condition exists in engine/luahandler.go: the sync.RWMutex protecting LoadCommonFunctions is released before L.Push() and L.PCall() execute. Since gopher-lua’s LState is not goroutine-safe, ...

8.2CVSS5.8AI score0.00182EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix for a race condition in devmap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpdevbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes that bqenqueue and...

7CVSS5.9AI score0.0009EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: Fixed a possible NULL pointer dereferencing caused by driver concurrency. In dwc2hcdurbenqueue, the statement “urb-hcpriv = NULL” is executed without holding the lock “hsotg-lock”. In dwc2hcdurbdequeue: c...

5.5CVSS5.3AI score0.00245EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.13 views

SUSE CVE-2026-43111

In the Linux kernel, the following vulnerability has been resolved: HID: roccat: fix use-after-free in roccatreportevent roccatreportevent iterates over the device-readers list without holding the readerslock. This allows a concurrent roccatrelease to remove and free a reader while it's still bei...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/06 6:33 p.m.12 views

CVE-2026-43143

A flaw was found in the Linux kernel's multi-function device mfd core module. The mfdofnodelist lacked proper locking mechanisms, allowing for unsafe manipulation of the list. This concurrency issue could lead to system crashes, resulting in a Denial of Service DoS...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/26 4:27 p.m.4 views

EUVD-2026-16222

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race C++ UB triggered by an A 1-phase ↔ 3-phase switch request acswitchthreephaseswhilecharging during charging/waiting executes concurrently with the state machine loop. Version 2026.02.0 contains a patch...

4.2CVSS5.8AI score0.00134EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/25 4:55 p.m.12 views

SUSE CVE-2026-23369

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Revert "i2c: i801: replace acpilock with I2C bus lock" This reverts commit f707d6b9e7c18f669adfdb443906d46cfbaaa0c1. Under rare circumstances, multiple udev threads can collect i801 device info on boot and walk...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
OSV
OSV
added 2026/02/25 9:16 p.m.5 views

UBUNTU-CVE-2026-25959

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfcliprdrprovidedata passes freed pDstData to XChangeProperty because the cliprdr channel thread calls xfcliprdrserverformatdataresponse which converts and uses the clipboard data without holding any lock,...

9.8CVSS5.8AI score0.00567EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2026/02/20 7:39 p.m.4 views

CVE-2026-26201

emp3r0r is a C2 designed by Linux users for Linux environments. Prior to version 3.21.2, multiple shared maps are accessed without consistent synchronization across goroutines. Under concurrent activity, Go runtime can trigger fatal error: concurrent map read and map write, causing C2 process cra...

7.5CVSS5.5AI score0.00291EPSS
Exploits1References1
OSV
OSV
added 2026/02/02 8:38 p.m.5 views

CVE-2026-24040 jsPDF has a Shared State Race Condition in addJS Plugin

jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS method in the jspdf Node.js build utilizes a shared module-scoped variable text to store JavaScript content. When used in a concurrent environment e.g., a Node.js web server, this variable is shared across all requests. ...

6.3CVSS5.3AI score0.00253EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2025/12/25 12:56 a.m.12 views

SUSE CVE-2023-54068

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to call f2fswaitonpagewriteback in f2fswriterawpages BUGON will be triggered when writing files concurrently, because the same page is writtenback multiple times. 1597 void folioendwritebackstruct folio folio...

6.6AI score0.00173EPSS
Exploits0References3
CVE
CVE
added 2025/12/24 1:5 p.m.14 views

CVE-2022-50764

The CVE-2022-50764 entry concerns a Linux kernel issue in ipv6/sit where dev->stats.tx_error data-races occur because sit tunnels are NETIF_F_LLTX and not protected by a spinlock. The root cause is multiple CPUs updating tx_error concurrently, with the fix implemented as DEV_STATS_INC() to avo...

6.1AI score0.00209EPSS
Exploits0References4
NVD
NVD
added 2025/12/24 11:15 a.m.5 views

CVE-2023-54032

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race when deleting quota root from the dirty cow roots list When disabling quotas we are deleting the quota root from the list fsinfo-dirtycowonlyroots without taking the lock that protects it, which is struct...

0.00172EPSS
Exploits0References8
Rows per page
Query Builder