Lucene search
+L

489 matches found

osv
osv
added 2026/07/01 1:32 p.m.3 views

CVE-2026-53331 slimbus: qcom-ngd-ctrl: Avoid ABBA on tx_lock/ctrl->lock

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

5.8AI score0.00172EPSS
Exploits0References10
cvelist
cvelist
added 2026/07/01 1:32 p.m.38 views

CVE-2026-53326 debugobjects: Don't call fill_pool() in early boot hardirq context

In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't call fillpool in early boot hardirq context When booting a debug PREEMPTRT kernel on an ARM64 system, a "inconsistent HARDIRQ-ON-W - IN-HARDIRQ-W usage" lockdep warning message was reported to the console...

0.00172EPSS
Exploits0References6
cve
cve
added 2026/06/26 7:40 p.m.21 views

CVE-2026-53293

CVE-2026-53293 : In the Linux kernel’s AMDGPU driver, the AMDGPU_INFO_READ_MMR_REG path had multiple issues: an incorrect order between the reset semaphore and the mm_lock (e.g., copy_to_user was called while holding the lock), memory allocation while holding the reset semaphore (risking deadlock...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References5Affected Software1
susecve
susecve
added 2026/06/26 2:10 a.m.7 views

SUSE CVE-2026-53187

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...

7.1CVSS5.8AI score0.00129EPSS
Exploits0References3
susecve
susecve
added 2026/06/26 2:9 a.m.6 views

SUSE CVE-2026-53231

In the Linux kernel, the following vulnerability has been resolved: net: phy: don't try to setup PHY-driven SFP cages when using genphy We don't have support for PHY-driver SFP cages with the genphy code. On top of that, it was found by sashiko that running sfpbusaddupstream for genphy deadlocks,...

5.5CVSS5.8AI score0.00087EPSS
Exploits0References3
euvd
euvd
added 2026/06/25 8:39 a.m.8 views

EUVD-2026-39225

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...

5.9AI score0.00126EPSS
Exploits0References6
nvd
nvd
added 2026/06/24 5:17 p.m.18 views

CVE-2026-53106

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not allow deleting local storage in NMI Currently, local storage may deadlock when deferring freeing selem or local storage through kfreercu, callrcu or callrcutaskstrace in NMI or reentrant. Since deleting selem in NMI i...

0.00145EPSS
Exploits0References2
cve
cve
added 2026/06/24 4:29 p.m.11 views

CVE-2026-53018

CVE-2026-53018 affects the Linux kernel f2fs filesystem. The issue occurs during garbage collection when a page has been moved and updated, but the system re-reads it from an outdated location, triggering a kernel BUG in mm/filemap.c and potentially a DoS. The vulnerability is addressed by a comm...

5.5CVSS5.7AI score0.00166EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/06/24 4:29 p.m.3 views

CVE-2026-53018 f2fs: avoid reading already updated pages during GC

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid reading already updated pages during GC We found the following issue during fuzz testing: page: refcount:3 mapcount:0 mapping:00000000b6e89c65 index:0x18b2dc pfn:0x161ba9 memcg:f8ffff800e269c00 aops:f2fsmetaaops ino:2...

5.5CVSS5.8AI score0.00166EPSS
Exploits0References6
cvelist
cvelist
added 2026/06/24 4:28 p.m.37 views

CVE-2026-52973 futex: Drop CLONE_THREAD requirement for private default hash alloc

In the Linux kernel, the following vulnerability has been resolved: futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing CLONETHREAD. This breaks the non-concurrency assumptions when doing the...

7.8CVSS0.00134EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ACPI: APEI: Send SIGBUS to the current task if a synchronous memory error is not recovered. If a synchronous error is detected due to a user-space process triggering a 2-bit uncorrected error, the CPU will raise an exception,...

5.5CVSS6AI score0.00147EPSS
Exploits0References4
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: HID: hid-pl: handling probe errors Errors in the init process must be reported back; otherwise, we will follow a NULL pointer the first time FF is used...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References2
osv
osv
added 2026/06/24 9:39 a.m.3 views

SUSE-SU-2026:22479-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues The following security issues were fixed: - CVE-2026-23278: netfilter: nftables: always walk all pending catchall elements bsc1260907. - CVE-2026-31402: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache...

9.8CVSS6.2AI score0.0049EPSS
Exploits8References14
redhatcve
redhatcve
added 2026/06/22 12:27 p.m.10 views

CVE-2026-33245

A flaw was found in React Router. This vulnerability, a type of Cross-Site Scripting XSS, affects applications utilizing React Router's unstable React Server Components RSC APIs. A remote attacker could exploit this by sending untrusted redirects, leading to the execution of malicious scripts in...

8CVSS6AI score0.00188EPSS
Exploits0References4
snyk
snyk
added 2026/06/12 2:32 p.m.7 views

Malicious Package

Overview ecto-spectral-leak-8d4e2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.4AI score
Exploits0References2
osv
osv
added 2026/06/12 12:33 a.m.7 views

OPENSUSE-SU-2026:20947-1 Security update for java-21-openj9

This update for java-21-openj9 fixes the following issues: Changes in java-21-openj9: - Make post scripts less noisy bsc1267355 - Use libalternatives instead of update-alternatives for distributions where libalternatives is available - Update to OpenJDK 21.0.11 with OpenJ9 0.59.0 virtual machine ...

9.8CVSS7AI score0.01157EPSS
Exploits2References59
snyk
snyk
added 2026/06/10 2:53 p.m.12 views

Malicious Package

Overview devkitx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
amazon
amazon
added 2026/06/08 12:0 a.m.11 views

Medium: bind

Issue Overview: Limit resolver server list size CVE-2026-3592 Avoid unbounded recursion loop CVE-2026-5950 Affected Packages: bind Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

5.3CVSS5.5AI score0.00551EPSS
Exploits1
nvd
nvd
added 2026/05/28 10:16 a.m.13 views

CVE-2026-46223

In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...

5.5CVSS0.00083EPSS
Exploits0References2
euvd
euvd
added 2026/05/28 9:40 a.m.15 views

EUVD-2026-32850

In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...

5.7AI score0.00083EPSS
Exploits0References2
Rows per page
Query Builder