54 matches found
CVE-2026-46324
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use listdelrcu for netlink hooks nftnetdevunregisterhooks and nftunregisterflowtablenethooks need to use listdelrcu, this list can be walked by concurrent dumpers. Add a new helper and use it consistently...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Added a lock to protect the encoder context list. A lock was added for the ctxlist to prevent accessing a NULL pointer within the 'vpuencipihandler' function when the ctxlist is deleted due to an unexpect...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: eventfs: Use listdelrcu for SRCU protected list variable Chi Zhiling reported: We found a null pointer accessing in tracefs1, the reason is that the variable 'eichild' is set to LISTPOISON1, that means the list was removed in...
SUSE CVE-2026-31642
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
DEBIAN-CVE-2026-31642
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
CVE-2026-31642
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
EUVD-2026-25535
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
CVE-2026-31642 rxrpc: Fix call removal to use RCU safe deletion
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
CVE-2026-31642
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...
CVE-2026-31642
The CVE-2026-31642 entry concerns the Linux kernel rxrpc module, where a flaw in call removal was fixed by using list_del_rcu() instead of list_del_init() to prevent infinite loops when reading /proc/net/rxrpc/calls. The underlying issue is that improperly deleting calls could disrupt list handli...
Admidio has Missing CSRF Protections on Custom List Deletion in mylist_function.php
Reported by: Juan Felipe Oz @JF0x0r LinkedIn Summary The delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently destroy that user's list configurations —...
CVE-2026-34382
Admidio (open-source user management) has a CSRF protection issue in the delete mode handler of mylist_function.php. From version 5.0.0 up to 5.0.7, deleting list configurations could occur without validating a CSRF token, allowing an authenticated user’s page to silently destroy their own list c...
CVE-2026-34382 Admidio: Missing CSRF Protection on Custom List Deletion in mylist_function.php
Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...
CVE-2026-34382 Admidio: Missing CSRF Protection on Custom List Deletion in mylist_function.php
Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...
EUVD-2026-17624
Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...
CVE-2026-34382 Admidio: Missing CSRF Protection on Custom List Deletion in mylist_function.php
Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylistfunction.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently...
WordPress Newsletter Popup plugin <= 1.2 - List Deletion via CSRF vulnerability
List Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Newsletter Popup versions = 1.2...
CVE-2026-23004
The CVE-2026-23004 issue in the Linux kernel concerns races in the IPv6 dst cache path (rt6_uncached_list_del/rt_del_uncached_list) leading to use-after-free during list_head initialization in INIT_LIST_HEAD, as observed by KASAN in rt6_uncached_list_flush_dev and related paths. The root cause is...
CVE-2023-54165 zsmalloc: move LRU update from zs_map_object() to zs_malloc()
In the Linux kernel, the following vulnerability has been resolved: zsmalloc: move LRU update from zsmapobject to zsmalloc Under memory pressure, we sometimes observe the following crash: 5694.832838 ------------ cut here ------------ 5694.842093 listdel corruption, ffff888014b6a448-next is...
CVE-2025-40213
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: fix crash in setmeshsync and setmeshcomplete There is a BUG: KASAN: stack-out-of-bounds in setmeshsync due to memcpy from badly declared on-stack flexible array. Another crash is in setmeshcomplete due to double...