910 matches found
CVE-2026-15109
Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path
A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...
kernel: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path
A flaw was found in the Linux kernel, specifically within the RDMA Remote Direct Memory Access vmwpvrdma module. This vulnerability is a double free, which means the system attempts to release the same memory resource twice. This can occur in an error handling path within the pvrdmaallocucontext...
kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...
kernel: RDMA/rxe: Fix double free in rxe_srq_from_init
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...
kernel: RDMA/rxe: Fix double free in rxe_srq_from_init
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...
EUVD-2026-41179
Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-14385
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2026-14399
Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14402
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-14422
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
CVE-2026-14385
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
kernel: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()
A flaw was found in the Linux kernel's RDMA/mlx5 component. An error path fall-through in the mlx5ibdevressrqinit function, specifically when ibcreatesrq fails, can lead to the use of freed memory and error pointers. This memory corruption vulnerability could result in system instability, denial ...
EUVD-2026-40496
Inappropriate implementation in Input in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
kernel: RDMA/rxe: Fix double free in rxe_srq_from_init
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the rxe driver. An error in the rxesrqfrominit function's memory management can lead to a double free vulnerability. This occurs when an attempt to copy data to user space fails, causing the sam...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabilit...
kernel: RDMA/umem: Fix double dma_buf_unpin in failure path
A flaw was found in the Linux kernel's RDMA/umem subsystem. A memory management error, specifically a double unpin of a dmabuf, can occur in a failure path during dmabuf pinning operations. This vulnerability could lead to system instability or a crash, resulting in a Denial of Service DoS...
PT-2026-54652
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A heap buffer overflow exists in ANGLE, a graphics abstraction layer, within Google Chrome on Mac. This issue allows a remote attacker to perform out-of-bounds memory access by inducing...
CVE-2026-13874
CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...
kernel: RDMA/iwcm: Fix workqueue list corruption by removing work_list
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA Internet Wide Area RDMA Protocol iWARP subsystem. Incorrect work submission logic in the iwcm component can lead to multiple queueing of work items. This allows a work item to be processed and freed while still present in the...