Lucene search
+L

264 matches found

UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.14 views

CVE-2026-46095

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmapstatemachine in both llbitmapstartwrite and llbitmapstartdiscard. This ensures the barrier is in place before a...

5.5CVSS6AI score0.00121EPSS
Exploits0References6
OSV
OSV
added 2026/05/20 1:16 p.m.12 views

ALPINE-CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

5.3CVSS5.8AI score0.00551EPSS
Exploits1References1
NVD
NVD
added 2026/05/20 1:16 p.m.13 views

CVE-2026-5950

An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause severe resource exhaustion by sending queries that trigger specific retry conditions. This issue affects BIND 9 versions 9.18.36 throu...

5.3CVSS0.00551EPSS
Exploits1References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux - Vulnerability in linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free after 802.3ad slave unbind commit 0622cab0341c "bonding: fix 802.3ad aggregator reselection", resolves a case where there are multiple aggregation groups in the same bond. bond3adunbindslave...

7.8CVSS6.2AI score0.00281EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as a RS485 port, the tx statemachine is used to control the RTS pin to drive the RS485 transceiver’s TXEN pin. When the TTY port is closed mid-transmission e.g....

5.5CVSS5.6AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.12 views

ISC BIND 9 安全漏洞

ISC BIND 9 is a domain name system software developed by the ISC organization. ISC BIND 9 has a security vulnerability that stems from an unlimited recursive loop within the resolver’s state machine. This vulnerability could allow remote unauthenticated attackers to cause severe resource...

5.3CVSS5.8AI score0.00551EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.9 views

PT-2026-42165

Name of the Vulnerable Software and Affected Versions BIND 9 versions 9.18.36 through 9.18.48 BIND 9 versions 9.20.8 through 9.20.22 BIND 9 versions 9.21.7 through 9.21.21 BIND 9 versions 9.18.36-S1 through 9.18.48-S1 BIND 9 versions 9.20.9-S1 through 9.20.22-S1 Description An unbounded resend lo...

5.3CVSS5.8AI score0.00551EPSS
Exploits1References47
Microsoft CVE
Microsoft CVE
added 2026/05/07 8:7 a.m.9 views

drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35

...

5.5CVSS5.8AI score0.00112EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/06 8:58 p.m.12 views

CVE-2026-43191

A flaw was found in the Linux kernel's AMD display drm/amd/display component. An issue occurs when the physical layer's finite state machine PHY FSM incorrectly transitions during the disabling of Transition Minimized Differential Signaling TMDS output on DCN35 hardware. This can cause the Output...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 12:16 p.m.13 views

CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS0.00523EPSS
Exploits0References8
OSV
OSV
added 2026/05/06 11:28 a.m.3 views

CVE-2026-43226 net/rds: No shortcut out of RDS_CONN_ERROR

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS6.5AI score0.00523EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.7 views

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.8AI score0.00112EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.17 views

CVE-2026-43191

CVE-2026-43191 concerns the Linux kernel DRM/AMD display path, specifically the PHY FSM transition from TX_EN to PLL_ON for TMDS on DCN35. The issue stems from a backport from DCN401 intended to fix turning off the PHY PLL during TMDS disable, which could cause OTG to hang and affect DCHVM invali...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.6 views

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

5.5CVSS5.8AI score0.00112EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the atomicization of the PHY FSM conversion in the DRM and display mechanisms. This vulnerability...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.15 views

PT-2026-37531

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amd/display component where disabling TMDS output turns off the PHY PLL Phase-Locked Loop, causing the OTG Output Timing Generator to remain stuck. This state...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References13
Hacker One
Hacker One
added 2026/04/29 7:44 a.m.30 views

curl: MQTT state machine confusion: PINGRESP/DISCONNECT with non-zero remaining_length dispatches to stale nextstate

Summary: In lib/mqtt.c, the state machine in mqttdoing lines 894-911 in curl 8.20.0 does not validate that PINGRESP 0xD0 and DISCONNECT 0xE0 packets have remaininglength == 0 as required by MQTT 3.1.1 spec sections 3.13.1 and 3.14.1. A malicious broker can send a PINGRESP fixed header with non-ze...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.14 views

PT-2026-37135

Name of the Vulnerable Software and Affected Versions GoBGP versions prior to 4.4.0 Description A remote Denial of Service DoS issue exists due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as "Well-known," the daemon fails to...

7.5CVSS5.8AI score0.00503EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/26 4:27 p.m.1 views

CVE-2026-27814

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race C++ UB triggered by an A 1-phase ↔ 3-phase switch request acswitchthreephaseswhilecharging during charging/waiting executes concurrently with the state machine loop. Version 2026.02.0 contains a patch...

4.2CVSS5.8AI score0.00134EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/26 4:27 p.m.5 views

EUVD-2026-16222

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race C++ UB triggered by an A 1-phase ↔ 3-phase switch request acswitchthreephaseswhilecharging during charging/waiting executes concurrently with the state machine loop. Version 2026.02.0 contains a patch...

4.2CVSS5.8AI score0.00134EPSS
Exploits0References1
Rows per page
Query Builder