Lucene search
K

228 matches found

RedhatCVE
RedhatCVE
added 2026/03/25 4:34 p.m.3 views

CVE-2026-23394

A flaw was found in the Linux kernel's afunix component. A race condition exists between the MSGPEEK operation and the garbage collection process. This can allow a local user to cause the garbage collector to incorrectly purge the receive queue of an alive socket, potentially leading to a denial ...

5.5CVSS5.7AI score0.00089EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/25 1:43 p.m.4 views

CVE-2026-23289

A flaw was found in the Linux kernel's IB/mthca component. A local user could exploit this vulnerability by triggering a system call failure path related to the mthcacreatesrq function. This oversight leads to a missed unmapping of user database resources, resulting in a resource leak...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/25 12:30 p.m.11 views

EUVD-2026-15218

In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...

5.7AI score0.00123EPSS
Exploits0References7
CVE
CVE
added 2026/03/25 10:33 a.m.32 views

CVE-2026-23394

CVE-2026-23394 – af_unix GC race with MSG_PEEK (Linux kernel) : A race between MSG_PEEK and garbage collection can cause the GC to incorrectly GC dead sockets, since MSG_PEEK silently bumps a file refcount. The issue originates from a change in the current GC algorithm and the removal of the lock...

4.7CVSS5.7AI score0.00089EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.27 views

CVE-2026-23377 ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

0.001EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.1 views

CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.8AI score0.001EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.2 views

CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ fragsize from DMA write length to xdp.framesz The only user of fragsize field in XDP RxQ info is bpfxdpfragsincreasetail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

5.5CVSS5.5AI score0.001EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/03/25 10:26 a.m.2 views

CVE-2026-23289

In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...

5.5CVSS5.2AI score0.00123EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:26 a.m.6 views

CVE-2026-23289 IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()

In the Linux kernel, the following vulnerability has been resolved: IB/mthca: Add missed mthcaunmapuserdb for mthcacreatesrq Fix a user triggerable leak on the system call failure path...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an incorrect configuration of the XDP RxQ fragsize field, which may lead to negative tail space...

5.5CVSS6AI score0.001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.6 views

PT-2026-36467

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel between the lec atm close function setting priv-lecd to NULL and concurrent access to priv-lecd within the send to lecd, lec handle bridge, an...

7.7CVSS5.4AI score0.00119EPSS
Exploits0References476
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005442)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005442 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, t...

7.8CVSS6.3AI score0.00142EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/04 4:7 p.m.4 views

CVE-2026-23057

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

5.2AI score0.00166EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-36972)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36972 advisory. - In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under...

7.5CVSS6.6AI score0.0067EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/16 12:24 a.m.8 views

CVE-2024-48077

NanoMQ v0.22.7 is vulnerable to Denial of Service DoS due to improper resource throttling. A crafted sequence of requests causes the recv-q queue to saturate, leading to the rapid exhaustion of system file descriptors FDs. This exhaustion triggers a process crash, rendering the broker unable to...

7.5CVSS5.9AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 2026/01/15 8:16 p.m.6 views

CVE-2024-48077

An issue in nanomq v0.22.7 allows attackers to cause a Denial of Service DoS via a crafted request. The number of data packets received in the recv-q queue of the Nanomq process continues to increase, causing the nanomq broker to fall into a deadlock and be unable to provide normal services...

7.5CVSS5.5AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/15 12:0 a.m.3 views

CVE-2024-48077

NanoMQ v0.22.7 is vulnerable to Denial of Service DoS due to improper resource throttling. A crafted sequence of requests causes the recv-q queue to saturate, leading to the rapid exhaustion of system file descriptors FDs. This exhaustion triggers a process crash, rendering the broker unable to...

5.9AI score0.00315EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/01/15 12:0 a.m.7 views

CVE-2024-48077

An issue in nanomq v0.22.7 allows attackers to cause a Denial of Service DoS via a crafted request. The number of data packets received in the recv-q queue of the Nanomq process continues to increase, causing the nanomq broker to fall into a deadlock and be unable to provide normal services...

7.5CVSS5.5AI score0.00315EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/01/14 12:29 a.m.2 views

kernel: i40e: add validation for ring_len param

A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...

5.8AI score0.00193EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-6127

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the vsock/virtio subsystem related to buffer coalescing in the receive queue. Specifically, the code attempts to join a linear skb socket buffer...

6.8AI score0.00166EPSS
Exploits0
Rows per page
Query Builder