Lucene search
K

1226 matches found

OSV
OSV
added 2026/07/02 12:0 a.m.7 views

UBUNTU-CVE-2026-53355

In the Linux kernel, the following vulnerability has been resolved: net: rds: clear isends on setup unwind The RDS IB connection teardown path is written so it can run during partial startup and on repeated shutdown attempts. It uses NULL pointers to distinguish resources that are still owned fro...

5.7AI score0.00164EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/26 3:1 p.m.11 views

CVE-2026-52995

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS subsystem. This vulnerability allows a local unprivileged user to disclose sensitive kernel memory. When a user queries connection information through getsockoptSOLRDS, RDSINFOIBCONNECTIONS while an RDS connection is not fully...

5.5CVSS5.6AI score0.00176EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 6:32 p.m.9 views

EUVD-2026-38863

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

6AI score0.00176EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-52995

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

0.00176EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.27 views

CVE-2026-53077 net/rds: Restrict use of RDS/IB to the initial network namespace

In the Linux kernel, the following vulnerability has been resolved: net/rds: Restrict use of RDS/IB to the initial network namespace Prevent using RDS/IB in network namespaces other than the initial one. The existing RDS/IB code will not work properly in non-initial network namespaces...

7.8CVSS0.0012EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.7 views

CVE-2026-53077

The vulnerability CVE-2026-53077 affects the Linux kernel RDS/IB code: it restricted usage to the initial network namespace, with the non-initial namespaces not supported and the existing code likely malfunctioning. Multiple advisories note the issue has been resolved/patched (e.g., Debian/Ubuntu...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:29 p.m.10 views

CVE-2026-52995

The CVE-2026-52995 issue affects the Linux kernel’s RDS path: rds_for_each_conn_info() and rds_walk_conn_path_info() pass a caller-allocated on-stack buffer to visitors and then copy item_len bytes back to user space, potentially exposing uninitialized stack data. In particular, rds_ib_conn_info_...

6AI score0.00176EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:29 p.m.3 views

CVE-2026-52995

In the Linux kernel, the following vulnerability has been resolved: net/rds: zero per-item info buffer before handing it to visitors rdsforeachconninfo and rdswalkconnpathinfo both hand a caller-allocated on-stack u64 buffer to a per-connection visitor and then copy the full itemlen bytes back to...

6AI score0.00176EPSS
Exploits0References9Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net/rds: The reconnect-pending bit. When canceling the reconnect worker, care must be taken to reset the reconnect-pending bit. If the reconnect worker has not yet been scheduled before it is canceled, the reconnect-pending bit...

7.5CVSS5.7AI score0.00523EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 8:16 a.m.11 views

CVE-2026-52939

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...

5.5CVSS0.00114EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52939

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...

5.7AI score0.00114EPSS
Exploits0References11
CVE
CVE
added 2026/06/24 7:14 a.m.35 views

CVE-2026-52939

CVE-2026-52939 is addressed by the Debian/Ubuntu Linux kernel fixes in the 6.1.y series. Debian LTS advisories (DLA-4671, DLA-4665) indicate linux-6.1 packages are updated to mitigate this issue, e.g., Debian 11/12 updates shipping linux-6.1 with CVE-2026-52939 included and patched versions such ...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/06/24 7:14 a.m.10 views

EUVD-2026-38709

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...

5.8AI score0.00114EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/06/24 7:14 a.m.9 views

CVE-2026-52939

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...

5.5CVSS5.7AI score0.00114EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51889

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the functions rds for each conn info and rds walk conn path info pass a caller-allocated on-stack u64 buffer to a per-connection visitor. The...

6.2AI score0.00176EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-52939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or...

5.5CVSS6AI score0.00114EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.13 views

Ubuntu 20.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-8462-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8462-1 advisory. It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A...

9.8CVSS7.2AI score0.96267EPSS
Exploits283References15
OSV
OSV
added 2026/06/22 11:17 p.m.3 views

USN-8462-1 linux-oracle-5.15 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.1AI score0.96267EPSS
Exploits283References15
Ubuntu
Ubuntu
added 2026/06/22 11:1 p.m.9 views

USN-8388-2: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS7AI score0.93235EPSS
Exploits57
OSV
OSV
added 2026/06/22 11:1 p.m.4 views

USN-8388-2 linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.4AI score0.93235EPSS
Exploits57References7
Rows per page
Query Builder