Lucene search
K

347 matches found

NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53153

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

7.8CVSS0.00102EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.29 views

CVE-2026-53153 mm/list_lru: drain before clearing xarray entry on reparent

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

7.8CVSS0.00102EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39244

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

5.8AI score0.00102EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.6 views

CVE-2026-53153

In the Linux kernel, the following vulnerability has been resolved: mm/listlru: drain before clearing xarray entry on reparent memcgreparentlistlrus clears the dying memcg's xarray entry with xasstore&xas, NULL before reparenting its per-node lists into the parent. This opens a window where a...

7.8CVSS5.7AI score0.00102EPSS
Exploits0
CVE
CVE
added 2026/06/25 8:38 a.m.17 views

CVE-2026-53153

CVE-2026-53153 affects the Linux kernel memcg list_lru path. A race during memcg_reparent_list_lrus() clears the dying memcg’s xarray entry before reparenting per-node lists, letting concurrent list_lru_del/walk operate on the parent and corrupt next/prev pointers. The fix reverses the order: rep...

7.8CVSS5.8AI score0.00102EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38815

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

5.7AI score0.00135EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the qrtr port remove function where the socket reference count is decremented using sock put before the port is removed from the qrtr ports XArray and before the RCU...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References10
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfs: Fixed missing xasretry calls during xarray iteration. netfslib has several places where it performs iteration of an xarray while being under the RCU read lock. It should call xasretry as the first step inside the loop. ...

5.5CVSS6.3AI score0.0014EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Added missing lock protection when polling. A missing lock protection was added to the poll routine when iterating the xarray. Otherwise, even with the RCU read lock held, only the slot of the radix tree is guaranteed...

5.5CVSS6.2AI score0.00165EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: NFS: Fixed the issue with nfsnetfsissueread’s xarray locking for writeback interrupts. The loop within nfsnetfsissueread currently does not disable interrupts while iterating through the pages in the xarray to submit NFS read...

5.5CVSS6.3AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fixed a race condition when gathering fdinfo group samples The commit e16635d88fa0 "drm/panthor: add DRM fdinfo support" failed to protect access to groups using an xarray lock, which could lead to use-after-free...

4.7CVSS6.1AI score0.00121EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mm/shmem: Disable the PMD-sized page cache if necessary. For shmem files, it’s possible that a PMD-sized page cache cannot be supported by xarray. For example, a 512MB page cache on ARM64 when the base page size is 64KB cannot be...

5.5CVSS6AI score0.00211EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/06/01 2:15 p.m.5 views

mahoraga (>=0.5.1 <=0.6.0), pixi-browse (>=0.0.1 <=0.0.13) +2 more potentially affected by CVE-2026-47425 via py-rattler (>=0.22.0 <=0.23.2)

py-rattler PYPI version =0.22.0, =0.5.1, =0.0.1, =0.1.0, =0.8.0 Source cves: CVE-2026-47425 Source advisory: OSV:GHSA-Q53Q-5R4J-5729...

5.7AI score0.00058EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.11 views

SUSE CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
NVD
NVD
added 2026/05/27 2:17 p.m.11 views

CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/05/27 2:17 p.m.5 views

UBUNTU-CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:56 p.m.2 views

CVE-2026-46038

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.42 views

CVE-2026-46038 net: qrtr: ns: Free the node during ctrl_cmd_bye()

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

0.00123EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/27 12:56 p.m.13 views

EUVD-2026-32419

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrlcmdbye A node sends the BYE packet when it is about to go down. So the nameserver should advertise the removal of the node to all remote and local observers and free the node finally. But...

5.8AI score0.00123EPSS
Exploits0References5
CVE
CVE
added 2026/05/27 12:56 p.m.34 views

CVE-2026-46038

CVE-2026-46038 relates to the Linux kernel net: qrtr: ns path where a node’s memory is leaked after processing BYE, because the node is not freed in ctrl_cmd_bye() failure or success. The fix removes the node from the Xarray and frees memory in both outcomes. Reported CVSS 3.1/3.1_VECTORS via NVD...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder