Lucene search
K

31252 matches found

RedHat Linux
RedHat Linux
added yesterday4 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS6.2AI score0.00104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday3 views

kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources

A flaw was found in the Linux kernel on ARM processors. A race condition in Translation Lookaside Buffer Invalidation TLBI operations during memory permission changes allows a local attacker to write to memory resources owned by higher privilege levels. This could allow an unprivileged local...

9.1CVSS6.5AI score0.00474EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday4 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00287EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday6 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS6.2AI score0.00104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday5 views

kernel: procfs: fix missing RCU protection when reading real_parent in do_task_stat()

A flaw was found in the Linux kernel's procfs component. When reading /proc/pid/stat, the dotaskstat function accesses task-realparent without proper Read-Copy-Update RCU protection. This missing protection creates a race condition, which can lead to a Use-After-Free UAF vulnerability. A local...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday4 views

kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF

A flaw was found in the Linux kernel's eventpoll mechanism. A Use-After-Free UAF vulnerability, where the system attempts to access memory after it has been freed, can occur during the removal of a file. A local attacker could exploit this race condition to corrupt memory, potentially leading to...

7.8CVSS7.3AI score0.00124EPSS
Exploits1References5
NVD
NVD
added 2 days ago4 views

CVE-2026-43927

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow allows an authenticated client to apply a promo code beyond its configured maximum uses. By sending concurrent checkout requests before any single request...

6.9CVSS0.0022EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-43927

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, a race condition in the cart checkout flow allows an authenticated client to apply a promo code beyond its configured maximum uses. By sending concurrent checkout requests before any single request...

6.9CVSS6AI score0.0022EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2 days ago8 views

CVE-2026-25271

The CVE describes a TOCTOU race condition in Qualcomm DSP Service causing memory corruption when processing asynchronous input parameters due to improper handling of modified values between check and use. Affected component: DSP Service (Qualcomm). Root cause: TOCTOU under asynchronous input para...

7.8CVSS6AI score0.00088EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-25271 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service

Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use...

7.8CVSS0.00088EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2 days ago2 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6.6AI score0.00287EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2 days ago6 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...

9.8CVSS6.3AI score0.004EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2 days ago4 views

kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service

A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...

7.8CVSS7AI score0.00124EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2 days ago8 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP Transmission Control Protocol IPv6 Internet Protocol version 6 socket handling, specifically within the tcpv6synrecvsock function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8CVSS6AI score0.00287EPSS
Exploits0References5
OSV
OSV
added 2 days ago3 views

UBUNTU-CVE-2026-53361

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

5.8AI score0.00171EPSS
Exploits0References7
CVE
CVE
added 4 days ago16 views

CVE-2026-53361

The CVE-2026-53361 vulnerability affects the Linux kernel’s af_unix path, where unix_gc() could observe gc_in_progress as false due to race conditions when scheduling GC work. The fix sets gc_in_progress to true inside unix_gc(), addressing a window where GC could be re-entered or confused by MSG...

5.8AI score0.00171EPSS
Exploits0References4
NVD
NVD
added 5 days ago4 views

CVE-2026-55945

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Edge Chromium-based allows an authorized attacker to disclose information locally...

4.2CVSS0.00148EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-58299

Time-of-check time-of-use toctou race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score0.00276EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago5 views

CVE-2026-55945

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Edge Chromium-based allows an authorized attacker to disclose information locally...

4.2CVSS6AI score0.00148EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-41645

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Edge Chromium-based allows an authorized attacker to disclose information locally...

4.2CVSS6AI score0.00148EPSS
Exploits0References1
Rows per page
Query Builder