Lucene search
K

5056 matches found

Cvelist
Cvelist
added 2026/06/25 8:39 a.m.25 views

CVE-2026-53246 sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

9.8CVSS0.00481EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53246

CVE-2026-53246 : In the Linux kernel SCTP implementation, a vulnerability exists in how COOKIE_ECHO payloads are processed. The cached peer INIT chunk embedded after the cookie could have its header length inflated without proper validation, allowing the parameter walk (via sctp_walk_params/sctp_...

9.8CVSS6AI score0.00481EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.21 views

CVE-2026-53243

The CVE-2026-53243 entry describes a Linux kernel issue in rseq_exit_user_update() where an uninitialized stack variable is used during initialization of ids in the rseq_ids struct. The bug arises because the inline initialization of struct rseq_ids ids can evaluate cpu_to_node(ids.cpu_id) before...

5.7AI score0.00162EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53242

CVE-2026-53242 affects the Linux kernel ALSA PCM path (snd_pcm_drain) on linked streams. The bug arises from wait queue handling: init_waitqueue_entry does not clear prev/next and add_wait_queue/remove_wait_queue sequencing can leave an orphaned wait entry on an old sleep queue after UNLINK, caus...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53224 sctp: validate embedded INIT chunk and address list lengths in cookie

In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list lengths in cookie sctpunpackcookie only checked that the embedded INIT chunk length did not exceed the remaining cookie payload, but did not ensure that the INIT chunk is large...

9.1CVSS0.00547EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:39 a.m.16 views

CVE-2026-53224

The vulnerability CVE-2026-53224 affects the Linux kernel SCTP implementation. The issue arises from insufficient validation of embedded INIT chunks and address list lengths in cookies: sctp_unpack_cookie() may accept a truncated INIT chunk, and the subsequent sctp_process_init() could read INIT ...

9.1CVSS5.7AI score0.00547EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53142 drm/xe/display: fix oops in suspend/shutdown without display

In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe-info.probedisplay. It gets set to false if there's no display aft...

0.00166EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:38 a.m.5 views

EUVD-2026-39233

In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to probe display, and whether display hardware is there, using xe-info.probedisplay. It gets set to false if there's no display aft...

5.8AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 8:38 a.m.10 views

CVE-2026-53142

CVE-2026-53142 affects the Linux kernel’s drm/xe/display path. The xe driver tracks whether to probe display via xe->info.probe_display, which can be set to false after intel_display_device_probe() if no display is present or later disabled by fuses. In that state, xe_display_flush_cleanup_wor...

5.8AI score0.00166EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38862

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix MSGZEROCOPY pinned-pages accounting virtiotransportinitzcopyskb uses iter-count as the size argument for msgzerocopyrealloc, which in turn passes it to mmaccountpinnedpages for RLIMITMEMLOCK accounting. However,...

5.7AI score0.00173EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:30 p.m.3 views

EUVD-2026-38944

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix OOB in pcpuinitvalue An out-of-bounds read occurs when copying element from a BPFMAPTYPECGROUPSTORAGE map to another pcpu map with the same valuesize that is not rounded up to 8 bytes. The issue happens when: 1. A...

5.7AI score0.00116EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/24 4:29 p.m.5 views

EUVD-2026-38910

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.8AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.10 views

CVE-2026-53042

In CVE-2026-53042, the Linux kernel vulnerability stems from an initialization order: CXL is linked before fwctl in drivers/Makefile, causing fwctl_register to run before fwctl_init, so fwctl_class isn’t registered when device_add is called. This makes class_to_subsys() return NULL, skipping knod...

5.8AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.7 views

CVE-2026-52994

CVE-2026-52994 affects the Linux kernel virtio transport for vsock zcopy: virtio_transport_init_zcopy_skb() previously used iter->count as the size for msg_zerocopy_realloc(), which then desks mm_account_pinned_pages() for RLIMIT_MEMLOCK. Because iter->count is consumed by virtio_transport_...

5.7AI score0.00173EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52985

In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...

5.7AI score0.00176EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl8xxxu: Fixed a slab-out-of-bounds issue in rtl8xxxustaadd. The driver does not set hw-stadatasize, which causes mac80211 to allocate insufficient space for the driver’s private station data in stainfoalloc. When...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a missing pointer check in the hdacomponentmanagerinit function. The componentmatchadd function may assign the ‘matchptr’ pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack...

5.8AI score0.00181EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak was fixed in amdgpurasinit. When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, resulting in a memory leak. This issue was fixed by...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.33 views

CVE-2026-6292 MP Customize Login Page <= 1.0 - Cross-Site Request Forgery to Settings Update

The MP Customize Login Page plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in all versions up to and including 1.0. This is due to a completely broken nonce validation in the entermpclploginoptions function, which contains an inverted check if wpverifynonce... return false;...

4.3CVSS0.00176EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 5:33 a.m.11 views

CVE-2026-6292

CVE-2026-6292 affects the WordPress plugin MP Customize Login Page (versions ≤ 1.0). The issue is a CSRF vulnerability caused by a broken nonce validation in enter_mpclp_login_options() (inverted wp_verify_nonce() check and missing action parameter) and a settings-update handler hooked on init wi...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References5
Rows per page
Query Builder