Lucene search
K

675 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget...

7.8CVSS6AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/27 1:54 a.m.8 views

SUSE CVE-2026-53033

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

7.8CVSS5.8AI score0.00133EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.30 views

CVE-2026-53085 bpf: fix mm lifecycle in open-coded task_vma iterator

In the Linux kernel, the following vulnerability has been resolved: bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget. If the task exits concurrently, the mmstruct can be freed as it is...

7.8CVSS0.00113EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:30 p.m.10 views

CVE-2026-53085

The CVE-2026-53085 issue affects the Linux kernel BPF subsystem where the open-coded task_vma iterator reads task->mm locklessly and uses mmap_read_trylock() without taking an mm reference, risking use-after-free if the task exits concurrently. The patch reads task->mm with a trylock on all...

7.8CVSS5.7AI score0.00113EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38953

In the Linux kernel, the following vulnerability has been resolved: bpf: fix mm lifecycle in open-coded taskvma iterator The open-coded taskvma iterator reads task-mm locklessly and acquires mmapreadtrylock but never calls mmget. If the task exits concurrently, the mmstruct can be freed as it is...

5.7AI score0.00113EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.30 views

CVE-2026-53033 bpf, sockmap: Take state lock for af_unix iter

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

7.8CVSS0.00133EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:29 p.m.16 views

CVE-2026-53033

CVE-2026-53033 affects the Linux kernel’s BPF sockmap path, causing a race in unix_stream_bpf_update_proto() that can yield a Use-After-Free when a BPF iterator updates a sockmap during a TCP state transition. The issue is resolved by taking the state lock for AF_UNIX iterations to keep the unix ...

7.8CVSS5.7AI score0.00133EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.29 views

CVE-2026-52989 nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

9.8CVSS0.00342EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:29 p.m.19 views

CVE-2026-52989

CVE-2026-52989 affects the Linux kernel nvmet-tcp component. The root cause is that nvmet_tcp_build_pdu_iovec() detects out-of-bounds PDU length/offset but does not propagate the error to callers; it returns void and triggers nvmet_tcp_fatal_error(cmd->queue) without alerting the caller, leavi...

9.8CVSS5.7AI score0.00342EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 8:16 a.m.16 views

CVE-2026-52921

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash: range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last...

5.5CVSS0.00114EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.2 views

UBUNTU-CVE-2026-52921

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash: range iteration at end The following hash set variants: hash:ip,mark hash:ip,port hash:ip,port,ip hash:ip,port,net iterate IPv4 ranges with a 32-bit iterator. The iterator must stop once the last...

5.6AI score0.00114EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51978

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lock ordering problem exists in the BPF subsystem when using the task vma iterator. Holding the per-VMA lock across the BPF program body can lead to a deadlock when helpers attempt to...

6AI score0.00156EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51979

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free flaw exists in the Berkeley Packet Filter BPF subsystem. The task vma iterator reads task-mm locklessly and acquires mmap read trylock without calling mmget. If a task...

7.8CVSS5.7AI score0.00113EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51927

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the unix stream bpf update proto function within the Linux kernel's sockmap functionality. This issue occurs when a BPF Berkeley Packet Filter iterator program...

7.8CVSS6AI score0.00133EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51883

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the nvmet-tcp component occurs because the nvmet tcp build pdu iovec function does not propagate errors to its callers when detecting out-of-bounds PDU Protocol Data Unit lengt...

9.8CVSS6AI score0.00342EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/19 10:10 p.m.11 views

EUVD-2026-38003

Cloudflare Quiche: Use-after-free in connection ID iterator FFI functions...

5.6CVSS5.8AI score0.0017EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/06/19 10:10 p.m.11 views

Cloudflare Quiche: Use-after-free in connection ID iterator FFI functions

Impact Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The quicheconnectioniditernext and quicheconnretiredscidnext functions would return a pointer to a ConnectionId to the applications via function arguments, but the the owned...

5.6CVSS5.8AI score0.0017EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/19 9:55 a.m.32 views

CVE-2026-11941 Use-after-free in connection ID iterator and FFI functions

Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The “quicheconnectioniditernext” and “quicheconnretiredscidnext” functions would return a pointer to a “ConnectionId” to the applications via function arguments, but the owned...

5.6CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/06/19 9:55 a.m.28 views

CVE-2026-11941

Cloudflare Quiche contains two use-after-free flaws in the FFI path for connection IDs. The issues affect the quiche_connection_id_iter_next and quiche_conn_retired_scid_next functions, where a owned ConnectionId is returned to the application via an argument but is dropped at the end of the func...

5.6CVSS5.8AI score0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/19 9:55 a.m.6 views

CVE-2026-11941

Cloudflare Quiche was affected by 2 use-after-free vulnerabilities in the connection ID iterator FFI functions. The “quicheconnectioniditernext” and “quicheconnretiredscidnext” functions would return a pointer to a “ConnectionId” to the applications via function arguments, but the owned...

5.6CVSS5.8AI score0.0017EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder