Lucene search
+L

229 matches found

redhatcve
redhatcve
added 2026/06/25 11:24 p.m.8 views

CVE-2026-53072

A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hciconnrequestevt function, particularly when the HCIPROTODEFER protocol is active, can result in a Use-After-Free UAF vulnerability. This condition arises when a connection object is accessed afte...

8.8CVSS6AI score0.00247EPSS
Exploits0References4
cve
cve
added 2026/06/24 4:30 p.m.11 views

CVE-2026-53115

In the Linux kernel, CVE-2026-53115 affects the bus: fsl-mc driver where, during driver probing via __driver_attach(), the bus match() callback could access the driver_override field without holding the device lock, creating a use-after-free risk. The fix uses the driver-core driver_override infr...

5.7AI score0.00157EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.9 views

PT-2026-51948

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/msm component where a wrong argument caused objects involved in UNMAP operations to not be consistently locked. This behavior specifically affects non- NO SHAR...

7.8CVSS5.7AI score0.00127EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.10 views

PT-2026-51928

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference exists in the Linux kernel's BPF sockmap implementation. The issue occurs because unix stream connect updates the sk state variable to TCP ESTABLISHED before...

5.6CVSS6AI score0.0018EPSS
Exploits0References15
debiancve
debiancve
added 2026/05/27 12:17 p.m.10 views

CVE-2026-45904

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...

5.5CVSS5.7AI score0.00156EPSS
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

9.8CVSS6.8AI score0.02937EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue arises due to the lack of proper locking when performing operations on an object. An...

8.1CVSS6.7AI score0.02393EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/18 7:5 a.m.10 views

CVE-2026-6341 Incomplete group locking implementation

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1
osv
osv
added 2026/05/08 1:31 p.m.4 views

CVE-2026-43327 USB: dummy-hcd: Fix locking/synchronization error

In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usbgadgetudcreset routine in drivers/usb/gadgets/udc/core.c, resulting from the fact that the routine w...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References11
nessus
nessus
added 2026/05/08 12:0 a.m.18 views

Linux Distros Unpatched Vulnerability : CVE-2026-43319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different...

5.5CVSS6.3AI score0.00094EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/05/08 12:0 a.m.14 views

PT-2026-39084

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb gadget f ncm component where the ncm set alt function holds a mutex to prevent races with configfs. This action invokes a sleeping function within an atomic...

5.8AI score0.00091EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/05/06 6:33 p.m.13 views

CVE-2026-43143

A flaw was found in the Linux kernel's multi-function device mfd core module. The mfdofnodelist lacked proper locking mechanisms, allowing for unsafe manipulation of the list. This concurrency issue could lead to system crashes, resulting in a Denial of Service DoS...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References4
nessus
nessus
added 2026/05/06 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-43116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go awa...

7.8CVSS5.6AI score0.00096EPSS
Exploits0References4
cvelist
cvelist
added 2026/02/04 4:0 p.m.31 views

CVE-2026-23045 net/ena: fix missing lock when update devlink params

In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devlparamdriverinitvalueset in ena. WARNING: net/devlink/core.c:261 at devlassertlocked+0x62/0x90, CPU0: kworker/0:0/9 CPU: 0 UID: 0 PID: ...

0.00151EPSS
Exploits0References2
redos
redos
added 2026/01/20 12:0 a.m.9 views

ROS-20260120-7319

Vulnerability in kernel-lt related to incorrect resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.7AI score0.00138EPSS
Exploits0
nessus
nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 3 : kernel-2.6.18-348.5.AXS3 (AXSA:2013-550:05)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-550:05 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

4.7CVSS7.5AI score0.00411EPSS
Exploits0References2
nessus
nessus
added 2026/01/15 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-71126

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at...

5.5CVSS6.1AI score0.00111EPSS
Exploits0References3
redos
redos
added 2026/01/12 12:0 a.m.6 views

ROS-20260112-7331

A vulnerability in the ext4xattrsetentry function of the fs/ext4/xattr.c module of the Ext4 file system of the Linux kernel is related to insufficient locking of a resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.5AI score0.00221EPSS
Exploits0
redhatcve
redhatcve
added 2026/01/09 10:41 a.m.6 views

CVE-2022-26356

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dirty hypercalls. A suitably timed call to XENDMOPtrackdirtyvram can enable log dirty whil...

5.6CVSS6.6AI score0.00232EPSS
Exploits0References1
nessus
nessus
added 2026/01/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000512)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000512 advisory. In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath While this code is executed with the...

5.5CVSS5.9AI score0.00228EPSS
Exploits0References3
Rows per page
Query Builder