229 matches found
CVE-2026-53072
A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hciconnrequestevt function, particularly when the HCIPROTODEFER protocol is active, can result in a Use-After-Free UAF vulnerability. This condition arises when a connection object is accessed afte...
CVE-2026-53115
In the Linux kernel, CVE-2026-53115 affects the bus: fsl-mc driver where, during driver probing via __driver_attach(), the bus match() callback could access the driver_override field without holding the device lock, creating a use-after-free risk. The fix uses the driver-core driver_override infr...
PT-2026-51948
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/msm component where a wrong argument caused objects involved in UNMAP operations to not be consistently locked. This behavior specifically affects non- NO SHAR...
PT-2026-51928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference exists in the Linux kernel's BPF sockmap implementation. The issue occurs because unix stream connect updates the sk state variable to TCP ESTABLISHED before...
CVE-2026-45904
In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue arises due to the lack of proper locking when performing operations on an object. An...
CVE-2026-6341 Incomplete group locking implementation
Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...
CVE-2026-43327 USB: dummy-hcd: Fix locking/synchronization error
In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...
Linux Distros Unpatched Vulnerability : CVE-2026-43319
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different...
PT-2026-39084
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb gadget f ncm component where the ncm set alt function holds a mutex to prevent races with configfs. This action invokes a sleeping function within an atomic...
CVE-2026-43143
A flaw was found in the Linux kernel's multi-function device mfd core module. The mfdofnodelist lacked proper locking mechanisms, allowing for unsafe manipulation of the list. This concurrency issue could lead to system crashes, resulting in a Denial of Service DoS...
Linux Distros Unpatched Vulnerability : CVE-2026-43116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go awa...
CVE-2026-23045 net/ena: fix missing lock when update devlink params
In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devlparamdriverinitvalueset in ena. WARNING: net/devlink/core.c:261 at devlassertlocked+0x62/0x90, CPU0: kworker/0:0/9 CPU: 0 UID: 0 PID: ...
ROS-20260120-7319
Vulnerability in kernel-lt related to incorrect resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
MiracleLinux 3 : kernel-2.6.18-348.5.AXS3 (AXSA:2013-550:05)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-550:05 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...
Linux Distros Unpatched Vulnerability : CVE-2025-71126
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at...
ROS-20260112-7331
A vulnerability in the ext4xattrsetentry function of the fs/ext4/xattr.c module of the Ext4 file system of the Linux kernel is related to insufficient locking of a resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2022-26356
Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dirty hypercalls. A suitably timed call to XENDMOPtrackdirtyvram can enable log dirty whil...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000512)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000512 advisory. In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath While this code is executed with the...