Lucene search
K

176 matches found

OSV
OSV
added 2026/07/02 3:49 p.m.6 views

USN-8498-1 linux-nvidia-tegra vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References298
OSV
OSV
added 2026/07/02 3:24 p.m.10 views

USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...

9.8CVSS6.4AI score0.00686EPSS
Exploits4References300
OSV
OSV
added 2026/07/02 3:2 p.m.9 views

USN-8488-2 linux-raspi vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits19References237
OSV
OSV
added 2026/07/01 4:43 p.m.11 views

USN-8488-1 linux, linux-aws, linux-gcp, linux-ibm, linux-oracle, linux-realtime vulnerabilities

It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information. CVE-2025-54505 Several security issues were discovered in the Linux kernel. An attacker could...

9.8CVSS6.8AI score0.00675EPSS
Exploits19References237
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds ...

8.8CVSS6.1AI score0.00136EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/26 2:25 p.m.12 views

CVE-2026-53025

A flaw was found in the Linux kernel's Greybus raw subsystem. A local user application could trigger a use-after-free vulnerability by disconnecting a Greybus raw bundle while its associated character device was still open. When the application subsequently attempts to release the character devic...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS0.00136EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.28 views

CVE-2026-53188 RDMA/core: Validate the passed in fops for ib_get_ucaps()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS0.00136EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39279

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

5.8AI score0.00136EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/04 2:21 a.m.11 views

SUSE CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

5.8AI score0.001EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/03 8:40 p.m.11 views

CVE-2026-46258

A flaw was found in the Linux kernel's gpio: cdev module. A NULL pointer dereference in the linehandlecreate function can occur, leading to a system crash. This vulnerability could allow a local attacker to cause a Denial of Service DoS...

5.5CVSS5.8AI score0.001EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:49 p.m.8 views

CVE-2026-46258

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...

5.8AI score0.001EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/25 1:38 a.m.8 views

SUSE CVE-2026-31606

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...

6.1CVSS5.5AI score0.00122EPSS
Exploits0References3
NVD
NVD
added 2026/04/24 3:16 p.m.6 views

CVE-2026-31606

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...

5.5CVSS0.00122EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:42 p.m.3 views

CVE-2026-31606

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...

5.4AI score0.00122EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.33 views

CVE-2026-31606 usb: gadget: f_hid: don't call cdev_init while cdev in use

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...

0.00122EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.7 views

CVE-2026-31606

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...

5.5CVSS5.3AI score0.00122EPSS
Exploits0
CVE
CVE
added 2026/04/24 2:42 p.m.11 views

CVE-2026-31606

The CVE-2026-31606 issue affects the Linux kernel USB HID gadget driver. When a /dev/hidg* device is still open, unbind/bind operations can reinitialize a live cdev, which is unsafe and can crash the system. The core problem is calling cdev_init while the cdev is still in use; the fix is to alloc...

5.5CVSS5.4AI score0.00122EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/04/24 2:42 p.m.1 views

CVE-2026-31606 usb: gadget: f_hid: don't call cdev_init while cdev in use

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: don't call cdevinit while cdev in use When calling unbind, then bind again, cdevinit reinitialized the cdev, even though there may still be references to it. That's the case when the /dev/hidg device is still...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.12 views

PT-2026-34958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb gadget f hid component where cdev init is called while the cdev is still in use. This occurs during an unbind and subsequent bind sequence if the '/dev/hidg'...

9.8CVSS5.2AI score0.00525EPSS
Exploits0References319
Rows per page
Query Builder