Linux Distros Unpatched Vulnerability : CVE-2026-31737

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ftgmac100: fix ring allocation unwind on open failure ftgmac100allocrings allocates rxskbs, txskbs, rxdes, txdes, and rxscratch in stages. On intermediate...

Linux Distros Unpatched Vulnerability : CVE-2026-43040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options...

CVE-2026-31782

A flaw was found in the Linux kernel's performance monitoring unit perf/x86 component. This vulnerability occurs when the auto counter reload feature processes certain event groups, potentially causing an out-of-bounds memory read. An attacker could exploit this to gain unauthorized access to...

CVE-2026-31780

A flaw was found in the Linux kernel's wilc1000 Wi-Fi driver. An integer overflow vulnerability exists in the calculation of the SSID scan buffer size. This can lead to a heap buffer overflow when processing multiple Service Set Identifiers SSIDs, potentially allowing a local attacker to cause a...

CVE-2026-31764

A flaw was found in the Linux kernel's stlsm6dsx Industrial I/O IIO Inertial Measurement Unit IMU driver. A local user can trigger an out-of-bounds access by writing to the buffer sampling frequency sysfs attribute. This occurs when the stlsm6dsxcheckodr function attempts to access an array with ...

CVE-2026-31765

A flaw was found in the Linux kernel's AMDGPU driver. On systems configured with 64KB page sizes, a mismatch between the reserved trap area size and the allocated memory for the Kernel Fusion Driver KFD can lead to a kernel crash. A local user running specific applications, such as rocminfo or rc...

CVE-2026-31748

A flaw was found in the Linux kernel's comedi: medaq module. The me2600xilinxdownload function, responsible for loading firmware, does not adequately validate the length of the provided firmware data stream. This vulnerability allows for a buffer overrun, which can lead to memory corruption withi...

CVE-2026-31739

A flaw was found in the Linux kernel's tegra crypto driver. The driver failed to correctly set a flag for its asynchronous cryptographic algorithms. This oversight could lead to the crypto API selecting asynchronous algorithms when a user specifically requests synchronous ones. Consequently, this...

CVE-2026-31736

A flaw was found in the Linux kernel's mtkppe Ethernet driver. When the gmac0 interface is disabled, a precheck for a valid ingress device can lead to a NULL pointer dereference. This vulnerability can cause a system crash, resulting in a Denial of Service DoS...

CVE-2026-31733

A flaw was found in the Linux kernel's schedext component. The scheduler's direct dispatch state ddspdsqid was not consistently cleared across all execution paths. This oversight could leave the system in an incorrect state, leading to spurious warnings and unexpected behavior during task dispatc...

CVE-2026-31731

A flaw was found in the Linux kernel's thermal management subsystem. A race condition can occur when thermal zones are removed while the system is resuming from a power-saving state. This timing issue can cause the system to attempt to use memory that has already been freed, leading to a...

CVE-2026-31726

A flaw was found in the Linux kernel's USB Video Class UVC gadget driver. A race condition during power management PM transitions can cause a null pointer dereference. This occurs when the system attempts to access a deallocated gadget pointer, leading to a kernel panic. This vulnerability can be...

CVE-2026-31725

A flaw was found in the Linux kernel's usb: gadget: fecm component. When a USB gadget function unbinds, the associated netdevice may not be properly de-parented from the destroyed gadget device. This can lead to dangling symbolic links in the /sys/class/net/ directory, potentially causing issues...

CVE-2026-31717

A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability allows an authenticated user to hijack an orphaned durable handle by predicting or brute-forcing its persistent ID. This could lead to unauthorized access to file sessions and potentially sensitive data or services...

CVE-2026-31715

A flaw was found in the Linux kernel's Flash-Friendly File System f2fs. A use-after-free vulnerability exists due to incorrect handling of page counts during concurrent write operations and unmounting. This can lead to a NULL pointer dereference, causing the system to panic and resulting in a...

CVE-2026-31712

A flaw was found in the ksmbd component of the Linux kernel. An authenticated Server Message Block SMB client with permissions to set an Access Control List ACL on a file can craft a malicious Discretionary Access Control List DACL. This crafted DACL, containing an undersized Access Control Entry...

Metasploit Wrap-Up 05/01/2026

MCP server This release our very own cdelafuente-r7 finished implementing the Metasploit MCP Server msfmcpd, bringing Model Context Protocol support to Metasploit Framework. MCP lets AI applications like Claude, Cursor, or your own custom agents query Metasploit data. Think of it as a middleware...

CVE-2026-31710

A flaw was found in the Linux kernel's Server Message Block SMB client. When mounting SMB1 UNIX shares, the system may incorrectly handle directory separators. This issue arises because flags related to POSIX Access Control Lists ACLs and paths are not properly updated, leading to the use of an...

CVE-2026-31701

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA caiaq driver. This vulnerability arises from improper handling of Universal Serial Bus USB device references. When a USB device is disconnected, the driver may attempt to access memory that has already been freed, a...

CVE-2026-31698

A flaw was found in the Linux kernel's crypto subsystem, specifically within the ccp driver. A local user could exploit this vulnerability when attempting to retrieve the Platform DH PDH certificate. If a firmware command fails due to an invalid length, the driver may attempt to copy data to...