Lucene search
K

222 matches found

Cvelist
Cvelist
added 2026/05/08 2:22 p.m.36 views

CVE-2026-43455 mctp: route: hold key->lock in mctp_flow_prepare_output()

In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...

0.00114EPSS
Exploits0References6
CVE
CVE
added 2026/05/08 2:22 p.m.20 views

CVE-2026-43455

In CVE-2026-43455, multiple sources confirm a race in the Linux kernel MCTP module: mctp_flow_prepare_output() checks key->dev and may call mctp_dev_set_key() without holding key->lock, while both mctp_dev_set_key() and mctp_dev_release_key() require the lock. This can allow concurrent path...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.7 views

CVE-2026-43455

In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...

5.7AI score0.00114EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/05/08 2:22 p.m.1 views

CVE-2026-43455 mctp: route: hold key->lock in mctp_flow_prepare_output()

In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.9 views

CVE-2026-43375

In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...

5.8AI score0.00121EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/08 2:21 p.m.17 views

CVE-2026-43375

CVE-2026-43375 concerns the Linux kernel in the MCTP path. A leak occurs during probe failures because the driver saves a reference to the USB device but fails to release it on error paths. The fix drops the redundant device reference to prevent memory leaks when the probe fails, simplifying driv...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:21 p.m.9 views

CVE-2026-43375

In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mctp i2c component. When midev-allowrx is set to false, the newly allocated skb packets are n...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39116

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the mctp flow prepare output function. The function checks key-dev and may call mctp dev set key without holding the key-lock, despite the latter being intende...

9.3CVSS6.1AI score0.005EPSS
Exploits4References438
Tenable Nessus
Tenable Nessus
added 2026/04/26 12:0 a.m.6 views

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014352)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014352 advisory. In the Linux kernel, the following vulnerability has been resolved: mctp: fix use after free Clang static analysis reports this problem route.c:425:4: warning: Use ...

7.8CVSS5.4AI score0.00216EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: mctp: Set SOCKRCUFREE The Bind lookup operation is executed under RCU; therefore, ensure that a socket does not disappear during the middle of a lookup operation...

5.5CVSS6.3AI score0.00155EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/11/06 3:34 p.m.7 views

Security update for the Linux Kernel

The SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1234863. CVE-2024-57891: schedext: Fix invalid irq restore in scxopsbypass...

9.2CVSS7.4AI score0.08942EPSS
Exploits14References2518
Tenable Nessus
Tenable Nessus
added 2025/10/18 12:0 a.m.38 views

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2025:03634-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03634-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following securi...

8.1CVSS7.9AI score0.02838EPSS
Exploits6References1393
SUSE Linux
SUSE Linux
added 2025/10/17 2:32 p.m.8 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708...

9.2CVSS7.8AI score0.02838EPSS
Exploits6References1906
OSV
OSV
added 2025/10/17 2:32 p.m.15 views

SUSE-SU-2025:03633-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-53261: coresight: Fix memory leak in acpibuffer-pointer bsc1249770. - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. -...

7.8CVSS6.7AI score0.02838EPSS
Exploits5References450
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-9418

Malicious code in bioql PyPI...

7.2AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-15740

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00342EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-12948

Malicious code in bioql PyPI...

5.6AI score0.0014EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2023-44103

Malicious code in bioql PyPI...

4.7CVSS6.9AI score0.00349EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-27859

Malicious code in bioql PyPI...

8.6AI score0.00159EPSS
Exploits0References4
Rows per page
Query Builder