Lucene search
K

3024 matches found

OSV
OSV
added 2026/06/25 1:16 p.m.2 views

UBUNTU-CVE-2026-40211

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memo...

5.3CVSS5.9AI score0.00413EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 1:16 p.m.2 views

UBUNTU-CVE-2026-40208

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.8AI score0.00285EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 1:16 p.m.2 views

UBUNTU-CVE-2026-40209

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

DEBIAN-CVE-2026-53243

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...

5.7AI score0.00162EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

DEBIAN-CVE-2026-53231

In the Linux kernel, the following vulnerability has been resolved: net: phy: don't try to setup PHY-driven SFP cages when using genphy We don't have support for PHY-driver SFP cages with the genphy code. On top of that, it was found by sashiko that running sfpbusaddupstream for genphy deadlocks,...

5.5CVSS5.7AI score0.00087EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

DEBIAN-CVE-2026-53228

In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offloads ipip6tunnelxmit caches the inner IPv6 header pointer at function entry and continues using it after iptunnelhandleoffloads. For GSO skbs, iptunnelhandleoffloads calls...

9.8CVSS5.7AI score0.00559EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

DEBIAN-CVE-2026-53199

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: use kmaplocalpage in netvsccopytosendbuf netvsccopytosendbuf copies page buffer entries into the VMBus send buffer using phystovirt on the entry PFN. Entries for the RNDIS header and the skb linear data come from...

7.5CVSS5.9AI score0.0053EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

DEBIAN-CVE-2026-53182

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

7.8CVSS5.7AI score0.00138EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

DEBIAN-CVE-2026-53145

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Try to fix changehandle ioctl, attempt 4 airlied: just added some comments on how to reenable On-list because the cat is out of the bag and we're clearly not good enough to figure this out in private. The story thus far:...

7.8CVSS5.8AI score0.00102EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 7:16 a.m.3 views

DEBIAN-CVE-2026-12244

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an uint16t variable that is used to allocate space needed for the RR wrap because total size 65535,...

8.8CVSS5.9AI score0.00303EPSS
Exploits0References1
OSV
OSV
added 2026/06/25 6:11 a.m.3 views

BELL-CVE-2026-52929

Bulletin has no description...

7.5CVSS5.7AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53125

In the Linux kernel, the following vulnerability has been resolved: md: fix arraystate=clear sysfs deadlock When "clear" is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its own sysfs store method. However, mdattrstore currently drops the...

5.6AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53093

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix error pointer dereference The function brcmfchipaddcore can return an error pointer and is not checked. Add checks for error pointer. Detected by Smatch:...

5.6AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.3 views

DEBIAN-CVE-2026-53083

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix RCU stall in bpffdarraymapclear Add a missing condresched in bpffdarraymapclear loop. For PROGARRAY maps with many entries this loop calls progarraymappokerun per entry which can be expensive, and without yielding this c...

5.6AI score0.00156EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.15 views

DEBIAN-CVE-2026-53087

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

7.5CVSS5.7AI score0.00376EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.6 views

DEBIAN-CVE-2026-53074

In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...

5.6AI score0.00164EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.4 views

DEBIAN-CVE-2026-53048

In the Linux kernel, the following vulnerability has been resolved: gfs2: prevent NULL pointer dereference during unmount When flushing out outstanding glock work during an unmount, gfs2logflush can be called when sdp-sdjdesc has already been deallocated and sdp-sdjdesc is NULL. Commit 35264909e9...

5.6AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.3 views

DEBIAN-CVE-2026-53046

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine ksmbdcryptmessage sets a NULL completion callback on AEAD requests and does not handle the -EINPROGRESS return code from async hardware crypto engines like the...

9.8CVSS5.7AI score0.00531EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53023

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in sbi-volume.label. The converted label is later exposed through...

5.7AI score0.00172EPSS
Exploits0References1
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53003

In the Linux kernel, the following vulnerability has been resolved: pppoe: drop PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the current PPPoE driver assumes an...

7.5CVSS5.7AI score0.00508EPSS
Exploits0References1
Rows per page
Query Builder