Lucene search
K

3274 matches found

EUVD
EUVD
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38872

In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...

6AI score0.00176EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38855

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

5.8AI score0.00131EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38849

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

5.8AI score0.00539EPSS
Exploits0References7
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-53030

In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers function. Use the freekfree cleanup attribute to automatically free the...

0.00166EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:30 p.m.20 views

EUVD-2026-38998

In the Linux kernel, the following vulnerability has been resolved: fs/omfs: reject ssysblocksize smaller than OMFSDIRSTART omfsfillsuper rejects oversized ssysblocksize values PAGESIZE, but it does not reject values smaller than OMFSDIRSTART 0x1b8 = 440. Later, omfsmakeempty uses sbi-ssysblocksi...

5.7AI score0.0013EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.7 views

CVE-2026-53094

The CVE affects the Linux kernel BPF/JIT path for dev-bound-only XDP programs. When constant blinding is enabled (bpf_jit_harden >= 2), bpf_jit_blind_constants() clones the program and bpf_jit_prog_release_other() frees the original, but offload->prog isn’t updated, leaving a stale pointer....

7.8CVSS5.8AI score0.00128EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.28 views

CVE-2026-53086 net: bcmgenet: fix racing timeout handler

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix racing timeout handler The bcmgenettimeout handler tries to take down all tx queues when a single queue times out. This is over zealous and causes many race conditions with queues that are still chugging along...

9.8CVSS0.00386EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.28 views

CVE-2026-53071 Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2capecredreconfrsp l2capecredreconfrsp calls l2capchandel without holding l2capchanlock. Every other l2capchandel caller in the file acquires the lock first. A remote BLE device can sen...

8.8CVSS0.00266EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.2 views

EUVD-2026-38934

In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: backend: fix error pointer dereference The function drmatomicgetplanestate can return an error pointer and is not checked for it. Add error pointer check. Detected by Smatch: drivers/gpu/drm/sun4i/sun4ibackend.c:496...

5.7AI score0.00161EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:30 p.m.6 views

CVE-2026-53061

CVE-2026-53061 affects Linux kernel dm-cache. Concrete details in connected documents show a fix for dirty mapping checking in passthrough mode switching, addressing a preload-time issue that could load dirty mappings into passthrough mode and cause data loss. The root cause involves table reload...

5.7AI score0.00176EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.30 views

CVE-2026-53059 dm log: fix out-of-bounds write due to region_count overflow

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

0.00127EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.31 views

CVE-2026-53045 memory: tegra124-emc: Fix dll_change check

In the Linux kernel, the following vulnerability has been resolved: memory: tegra124-emc: Fix dllchange check The code checking whether the specified memory timing enables DLL in the EMRS register was reversed. DLL is enabled if bit A0 is low. Fix the check...

9.8CVSS0.00521EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:29 p.m.6 views

CVE-2026-53034

CVE-2026-53034 concerns the Linux kernel’s af_unix sockmap interaction during unix_stream_connect. The vulnerability arises because unix_stream_connect() sets sk_state to TCP_ESTABLISHED before assigning the peer via unix_peer(sk) = newsk, creating a window where sock_map_sk_state_allowed() may s...

5.6AI score0.0018EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/24 4:29 p.m.4 views

CVE-2026-53031

In the Linux kernel, the following vulnerability has been resolved: bpf: Validate nodeid in arenaallocpages arenaallocpages accepts a plain int nodeid and forwards it through the entire allocation chain without any bounds checking. Validate nodeid before passing it down the allocation chain in...

7.8CVSS5.6AI score0.00128EPSS
Exploits0
CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-53029

CVE-2026-53029: In the Linux kernel’s ntfs3 codepath, an uninitialized LCN could be triggered due to a zero-length path in ntfs_iomap_begin. The bug arises because run_lookup_entry() can fail and leave *len and the new value/err at 0, causing attr_data_get_block_locked() to take an ok path before...

5.7AI score0.00172EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.5 views

CVE-2026-53020

The CVE-2026-53020 entry documents a Linux kernel issue: a race condition during Translation Lookaside Buffer (TLB) synchronization when the page table is traversed and modified without holding the proper page table lock. The root cause is the lack of adequate locking during TLB sync, which can l...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:29 p.m.6 views

CVE-2026-52999

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix out-of-bounds read on option matching In nfosfmatch, the nfosfhdrctx structure is initialized once and passed by reference to nfosfmatchone for each fingerprint checked. During TCP option parsing,...

5.6AI score0.00521EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.29 views

CVE-2026-52993 tipc: fix double-free in tipc_buf_append()

In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipcbufappend tipcmsgvalidate can potentially reallocate the skb it is validating, freeing the old one. In tipcbufappend, it was being called with a pointer to a local variable which was a copy of the...

9.8CVSS0.00351EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.18 views

CVE-2026-52982

The CVE-2026-52982 issue affects the Linux kernel driver rtl8150 for Realtek RTL8150 USB Ethernet devices. A use-after-free (UAF) can occur in rtl8150_start_xmit() when reading skb->len for tx_bytes statistics after usb_submit_urb() is issued, because the skb may be freed in the USB completion...

9.8CVSS5.7AI score0.00543EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:28 p.m.9 views

CVE-2026-52981

CVE-2026-52981 concerns a Linux kernel issue in neigh_xmit: when called with an uninitialized neighbor table (e.g., NEIGH_ND_TABLE with IPv6 disabled), neigh_xmit can return -EAFNOSUPPORT without releasing the skb, risking a memory leak. The fix removes the remaining code path that could neither ...

7.5CVSS5.8AI score0.00539EPSS
Exploits0References6
Rows per page
Query Builder