Lucene search
K

1055 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23385

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: nftables: clone set on flush only Syzbot with fault injection triggered a failing memory allocation with GFPKERNEL which results in a WARN splat:...

5.5CVSS6.2AI score0.00135EPSS
Exploits0References4
OSV
OSV
added 2026/03/18 6:16 p.m.8 views

UBUNTU-CVE-2026-23249

In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btrees at the same time, after which it needs to evaluate both btrees to confirm that the corruptions a...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References13
ATTACKERKB
ATTACKERKB
added 2026/03/18 5:1 p.m.3 views

CVE-2026-23252

In the Linux kernel, the following vulnerability has been resolved: xfs: get rid of the xchkxfiledescr calls The xchkxfiledescr macros call kasprintf, which can fail to allocate memory if the formatted string is larger than 16 bytes or whatever the nofail guarantees are nowadays. Some of them cou...

5.6AI score0.00122EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/18 5:1 p.m.18 views

CVE-2026-23249

Summary (CVE-2026-23249) : In Linux kernel XFS, during free-space and inode btree repair, revalidation calls xchk_allocbt for BNOBT and CNTBT can race: the first call nullifies the CNTBT cursor, causing a NULL dereference on the second revalidation. The fix changes the control flow so CNTBT curso...

5.5CVSS5.7AI score0.00141EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/18 4:22 p.m.4 views

UBUNTU-CVE-2025-71237

In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix potential block overflow that cause system hang When a user executes the FITRIM command, an underflow can occur when calculating nblocks if endblock is too small. Since nblocks is of type sectort, which is u64, a...

5.5CVSS5.7AI score0.00118EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/02/17 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-23167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfc: nci: Fix race between rfkill and nciunregisterdevice. syzbot reported the splat below 0 without a repro. It indicates that struct ncidev.cmdwq had been...

4.7CVSS6AI score0.00086EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/02/14 5:15 p.m.8 views

CVE-2026-23199

In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...

5.5CVSS5.7AI score0.0009EPSS
Exploits0References5
OSV
OSV
added 2026/02/14 4:27 p.m.7 views

CVE-2026-23199 procfs: avoid fetching build ID while holding VMA lock

In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...

5.5CVSS5.2AI score0.0009EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/14 4:27 p.m.6 views

CVE-2026-23199

In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...

5.1AI score0.0009EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2026/02/14 4:15 p.m.6 views

CVE-2026-23167

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfkill and nciunregisterdevice. syzbot reported the splat below 0 without a repro. It indicates that struct ncidev.cmdwq had been destroyed before nciclosedevice was called via rfkill. ncidev.cmdwq is...

4.7CVSS5.7AI score0.00086EPSS
Exploits0References28
NVD
NVD
added 2026/02/14 3:16 p.m.4 views

CVE-2026-23119

In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to skbflowdissect After 3cbf4ffba5ee "net: plumb network namespace into skbflowdissect" we have to provide a net pointer to skbflowdissect, either via skb-dev, skb-sk, or a user provided pointer. In...

5.5CVSS0.00114EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/02/14 3:16 p.m.5 views

CVE-2026-23119

In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to skbflowdissect After 3cbf4ffba5ee "net: plumb network namespace into skbflowdissect" we have to provide a net pointer to skbflowdissect, either via skb-dev, skb-sk, or a user provided pointer. In...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References28
CVE
CVE
added 2026/02/14 3:9 p.m.24 views

CVE-2026-23119

The CVE-2026-23119 issue in the Linux kernel concerns the bonding driver where a net pointer was not always provided to __skb_flow_dissect() after plumb­ing the network namespace. The lack of a valid net pointer (via skb->dev, skb->sk, or a user pointer) allowed a syzbot-created bare skb to...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/02/14 3:9 p.m.6 views

CVE-2026-23113 io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop

In the Linux kernel, the following vulnerability has been resolved: iouring/io-wq: check IOWQBITEXIT inside work run loop Currently this is checked before running the pending work. Normally this is quite fine, as work items either end up blocking which will create a new worker for other items, or...

5.5CVSS5.3AI score0.00115EPSS
Exploits0References9
CVE
CVE
added 2026/02/14 3:9 p.m.24 views

CVE-2026-23113

CVE-2026-23113 affects the Linux kernel io-uring/io-wq component. The issue stems from not checking IO_WQ_BIT_EXIT in the io_worker_handle_work() loop, causing long exits when processing large pending reads (e.g., 2GB reads from /dev/msr* with >16MB per read). Evidence in the advisory shows th...

5.5CVSS5.3AI score0.00115EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/02/04 5:16 p.m.7 views

UBUNTU-CVE-2026-23072

In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
OSV
OSV
added 2026/01/31 12:16 p.m.3 views

UBUNTU-CVE-2026-23036

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...

5.7AI score0.00194EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.7 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005091)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005091 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: fix possible infinite loop in tcfidrcheckalloc syzbot found hanging tasks...

5.5CVSS6.7AI score0.00286EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.6 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005004)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005004 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found...

8.4CVSS5.7AI score0.00239EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.12 views

SUSE CVE-2026-23011

In the Linux kernel, the following vulnerability has been resolved: ipv4: ipgre: make ipgreheader robust Analog to commit db5b4e39c4e6 "ip6gre: make ip6greheader robust" Over the years, syzbot found many ways to crash the kernel in ipgreheader 1. This involves team or bonding drivers ability to...

5.5CVSS5.2AI score0.00187EPSS
Exploits0References21
Rows per page
Query Builder