34423 matches found
CVE-2026-52991
A flaw was found in the Linux kernel's Pressure Stall Information PSI subsystem. A race condition exists between the file release and pressure write operations, specifically concerning the priv member of struct kernfsopenfile. This can lead to a use-after-free vulnerability or a NULL dereference,...
CVE-2026-53020
A flaw was found in the Linux kernel. A race condition can occur during Translation Lookaside Buffer TLB synchronization when the page table is traversed and modified without properly holding the necessary page table lock. This vulnerability may allow for unpredictable system behavior or...
CVE-2026-53109
A flaw was found in the Linux kernel's powerpc page table fragment handling. During process exit, a race condition can occur where a page table fragment's active flag is not properly cleared. This can lead to a "bad page state" error, potentially causing system instability or a Denial of Service...
CVE-2026-52990
A flaw was found in the Linux kernel. A local attacker could exploit a race condition in the fsnotifyrecalcmask function, which fails to properly handle an inode reference. This improper handling can lead to an inode reference leak, causing tasks to hang and resulting in a Denial of Service DoS f...
CVE-2026-53269
A flaw was found in the Linux kernel's netfilter synproxy component. This vulnerability is caused by a race condition during the on-demand registration of netfilter hooks. A local user with privileges to modify netfilter rules could exploit this flaw by concurrently adding iptables targets or...
CVE-2026-53239
A flaw was found in the Linux kernel. A race condition exists in the xfrm policy handling, specifically within the xfrmpolicybyselctx function. This flaw allows for a use-after-free vulnerability, where memory is accessed after it has been released. This can lead to system instability or a denial...
K000161919: BIND vulnerability CVE-2026-5947
Security Advisory Description Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as...
SUSE CVE-2026-53145
In the Linux kernel, the following vulnerability has been resolved: drm/gem: Try to fix changehandle ioctl, attempt 4 airlied: just added some comments on how to reenable On-list because the cat is out of the bag and we're clearly not good enough to figure this out in private. The story thus far:...
SUSE CVE-2026-53207
In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...
SUSE CVE-2026-53239
In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix use-after-free on inexact bin in xfrmpolicybyselctx Fix the race by pruning the bin while still holding xfrmpolicylock, before dropping it. Use xfrmpolicyinexactprunebin directly since the lock is already held...
SUSE CVE-2026-53273
In the Linux kernel, the following vulnerability has been resolved: tee: optee: prevent use-after-free when the client exits before the supplicant Commit 70b0d6b0a199 "tee: optee: Fix supplicant wait loop" made the client wait as killable so it can be interrupted during shutdown or after a...
CVE-2026-53160
A flaw was found in the Linux kernel's fastrpc component. A race condition in the fastrpcmapcreate function allows for a use-after-free vulnerability. This could enable an attacker to cause system instability, disclose sensitive information, or potentially execute unauthorized code...
CVE-2026-48933
A flaw in Node.js WebCrypto implementation can crash the process if the input of subtle.encrypt is a multiple of 2GiB. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-53262
A flaw was found in the Linux kernel's pppol2tp module. This Use-After-Free UAF vulnerability arises from improper handling of session references within the pppol2tpioctl function. A local attacker could exploit this by triggering a race condition during data copying, leading to the dereferencing...
CVE-2026-53161
A flaw was found in the Linux kernel's fastrpc module. A race condition between closing a file descriptor and processing Digital Signal Processor DSP responses can lead to a use-after-free vulnerability. This allows a local attacker to potentially cause a system crash or, in some cases, execute...
Oracle Linux 9 : libcap (ELSA-2026-19346)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19346 advisory. 2.48-10.1 - Fix TOCTOU race condition in capsetfile CVE-2026-4878 Resolves: RHEL-169312 Tenable has extracted the preceding description block directly from the...
CVE-2026-52945
A flaw was found in the Linux kernel's WireGuard component. Under heavy network load, particularly when used with Cilium, the threaded NAPI New API implementation can cause the decryption side for a WireGuard peer to stop processing traffic. This leads to a complete stall of network communication...
CVE-2026-53117
A flaw was found in the Linux kernel, specifically within the s390/cio component. When a driver is being probed, a race condition can occur where the driveroverride field is accessed without proper locking. This can lead to a Use-After-Free UAF vulnerability, which may result in system instabilit...
CVE-2026-53034
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF and sockmap components, specifically within the afunix socket operations. A race condition occurs during the connection process where a socket's state is updated before its peer is fully assigned. This timing issue can lead to a...
GO-2026-5668 Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap in github.com/docker/docker
Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap in github.com/docker/docker...