Lucene search
K

12 matches found

OSV
OSV
added 2026/06/25 6:43 p.m.4 views

GO-2026-5228 Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence in github.com/juju/juju

Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence in github.com/juju/juju...

6.4CVSS5.8AI score0.00243EPSS
Exploits1References4
NVD
NVD
added 2026/05/27 2:17 p.m.14 views

CVE-2026-46093

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: take vmappurgelock in shrinker decayvapoolnode can be invoked concurrently from two paths: purgevmaparealazy when pools are being purged, and the shrinker via vmapnodeshrinkscan. However, decayvapoolnode is not safe t...

7.8CVSS0.00127EPSS
Exploits0References3
CVE
CVE
added 2026/05/08 2:22 p.m.29 views

CVE-2026-43437

CVE-2026-43437 affects the Linux kernel ALSA PCM subsystem (snd_pcm_drain). The issue is a use-after-free in the drain path: during drain, runtime is reassigned to a linked stream’s runtime and after releasing the stream lock, runtime fields (no_period_wakeup, rate, buffer_size) are accessed with...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.8 views

CVE-2026-43371

In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the rootfs may take an extended time to recover after a suspend. Upon investigation, it was determined that...

5.8AI score0.00123EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/10 9:0 p.m.9 views

Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence

Summary The localLoginHandlers struct in the Juju API server maintains an in-memory map to store discharge tokens following successful local authentication. This map is accessed concurrently from multiple HTTP handler goroutines without any synchronization primitive protecting it. The absence of ...

6.4CVSS5.8AI score0.00243EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/03/25 12:30 p.m.13 views

EUVD-2026-15263

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

5.7AI score0.00122EPSS
Exploits0References5
NVD
NVD
added 2026/03/25 11:16 a.m.2 views

CVE-2026-23316

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

5.5CVSS0.00122EPSS
Exploits0References4
OSV
OSV
added 2026/03/25 11:16 a.m.4 views

UBUNTU-CVE-2026-23316

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.2 views

CVE-2026-23316

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

5.6AI score0.00122EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/03/25 10:27 a.m.18 views

CVE-2026-23316 net: ipv4: fix ARM64 alignment fault in multipath hash seed

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

0.00122EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/19 12:27 a.m.5 views

SUSE CVE-2026-23255

In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptypeseqshow and provided a patch. Real issue is that ptypeseqnext and ptypeseqshow violate RCU rules. ptypeseqshow runs under rcureadlock, an...

4.7CVSS5.6AI score0.00114EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987205)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987205 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: flower: protect flwalk with rcu Patch that refactored flwalk to use...

7.8CVSS5.9AI score0.00244EPSS
Exploits0References4
Rows per page
Query Builder