CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: schedext: Fixed an issue where picktaskscx picks non-quoted tasks when it is called without balance. a6250aa251ea “schedext”: Added a workaround for cases where picktaskscx is called without preceding balancescx. This workarou...

5.5CVSS6.5AI score0.00086EPSS

Tenable Nessus•added 2026/05/20 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's...

RedhatCVE•added 2026/05/15 11:38 a.m.•6 views

CVE-2026-43326

A flaw was found in the Linux kernel, specifically within the schedext component. This vulnerability can lead to a system-wide deadlock, causing a Denial of Service DoS where the system becomes unresponsive. The issue arises when the kernel's scheduling mechanism enters a busy-wait state in a...

Debian CVE•added 2026/05/13 3:8 p.m.•3 views

CVE-2026-43482

In the Linux kernel, the following vulnerability has been resolved: schedext: Disable preemption between scxclaimexit and kicking helper work scxclaimexit atomically sets exitkind, which prevents scxerror from triggering further error handling. After claiming exit, the caller must kick the helper...

5.7AI score0.00023EPSS

Exploits0

Tenable Nessus•added 2026/05/13 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43438

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Remove redundant cssput in scxcgroupinit The iterator cssforeachdescendantpre walks the cgroup hierarchy under cgrouplock. It does not increment the...

7.8CVSS5.8AI score0.00013EPSS

RedhatCVE•added 2026/05/09 12:12 a.m.•6 views

CVE-2026-43438

A flaw was found in the Linux kernel's schedext component. This vulnerability is caused by a redundant cssput call in the scxcgroupinit function, leading to a reference count underflow. This can result in a Use-After-Free UAF vulnerability, potentially allowing a local attacker to cause a denial ...

7.8CVSS5.8AI score0.00013EPSS

RedhatCVE•added 2026/05/08 9:45 p.m.•7 views

CVE-2026-43392

A flaw was found in the schedext component of the Linux kernel. This vulnerability allows a local attacker to cause a system hang by exploiting an issue in the scxenable function. The function's task switching loop can lead to indefinite starvation of the enable thread when higher-priority...

EUVD•added 2026/05/08 3:31 p.m.•7 views

EUVD-2026-28698

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix starvation of scxenable under fair-class saturation During scxenable, the READY - ENABLED task switching loop changes the calling thread's schedclass from fair to ext. Since fair has higher priority than ext,...

5.7AI score0.00013EPSS

Exploits0References5

Cvelist•added 2026/05/08 2:21 p.m.•27 views

CVE-2026-43392 sched_ext: Fix starvation of scx_enable() under fair-class saturation

0.00013EPSS

OSV•added 2026/05/08 2:16 p.m.•4 views

UBUNTU-CVE-2026-43326

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target CPU's kicksync advances. Because the irqwork runs in hardirq context,...

5.5CVSS5.7AI score0.00013EPSS

Exploits0References5

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-39053

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sched ext component where the scx enable function can suffer from starvation during the READY to ENABLED task switching loop. This occurs because the calling...

5.8AI score0.00013EPSS

Exploits0References8

Tenable Nessus•added 2026/05/08 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-43326

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Fix SCXKICKWAIT deadlock by deferring wait to balance callback SCXKICKWAIT busy-waits in kickcpusirqworkfn using smpcondloadacquire until the target...

SUSE CVE•added 2026/05/06 1:43 a.m.•5 views

Exploits0References3

SUSE CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

5.8AI score0.00015EPSS

Exploits0References3

Tenable Nessus•added 2026/05/05 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-31733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non- SCXDSQINVALID triggering a spurious warning in markdirectdispatch...

5.5CVSS5.8AI score0.00015EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: Corrected incorrect autogroup migration detection. The function scxmovetask is called from schedmovetask, and it informs the BPF scheduler that cgroup migration is being performed. schedmovetask is used for both cgroup...

5.5CVSS6.2AI score0.00012EPSS