Lucene search
+L

424 matches found

f5
f5
added 2026/06/25 4:26 p.m.18 views

K000161867: Linux kernel vulnerabilities CVE-2026-23291, CVE-2026-23292, CVE-2026-23298, and CVE-2026-23304

Security Advisory Description CVE-2026-23291 In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was...

5.5CVSS5.8AI score0.00129EPSS
Exploits0Affected Software1
astralinux
astralinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nvmet-fc: Avoid scheduling association deletion twice. When forcibly shutting down a port via the configfs interface, nvmetportsubsysdroplink first calls nvmetportdelctrls, and then nvmetdisableport. Both functions will eventuall...

5.8AI score0.00205EPSS
Exploits0References3
astralinux
astralinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: PCI: Endpoint – Avoid creating sub-groups asynchronously Asynchronous creation of sub-groups by a delayed operation could lead to a NULL pointer dereference when the driver directory is removed before the operation completes. The...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: gpio: virtuser: fix UAF in configfs release path The gpio-virtuser configfs release path uses a guard mutex to protect the device structure. However, the device is freed before the mutex cleanup runs, causing mutexunlock to opera...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References2
astralinux
astralinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nullblk: The issue of kmemleak was fixed by releasing references to fault-configfs items. When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating configfs items such as...

5.7AI score0.00206EPSS
Exploits0References2
nessus
nessus
added 2026/06/18 12:0 a.m.12 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23032)

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...

5.7AI score0.00206EPSS
Exploits0References3
osv
osv
added 2026/05/29 1:34 p.m.16 views

OESA-2026-2493 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix recursive locking in configfsopenfile In flushwritebuffer, &p-fragsem is acquired and then the loaded store function is called, which, here, is...

8.1CVSS5.6AI score0.00389EPSS
Exploits0References31
mscve
mscve
added 2026/05/29 8:5 a.m.10 views

scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

...

7.1CVSS5.4AI score0.00139EPSS
Exploits0
susecve
susecve
added 2026/05/29 1:16 a.m.11 views

SUSE CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

5.5CVSS5.7AI score0.00139EPSS
Exploits0References3
nessus
nessus
added 2026/05/29 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46149

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then wi...

7.1CVSS6AI score0.00139EPSS
Exploits0References3
nvd
nvd
added 2026/05/28 10:16 a.m.16 views

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS0.00139EPSS
Exploits0References8
osv
osv
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS5.7AI score0.00139EPSS
Exploits0References8
cve
cve
added 2026/05/28 9:40 a.m.26 views

CVE-2026-46216

The CVE-2026-46216 issue affects the Linux kernel drm/xe/hdcp module. When media GT is disabled via configfs, media_gt may be NULL, causing intel_hdcp_gsc_check_status() to dereference an invalid address and trigger a kernel pagefault. The fix adds a NULL check on media_gt and returns early if NU...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References4Affected Software1
cve
cve
added 2026/05/28 9:36 a.m.41 views

CVE-2026-46149

Summary: CVE-2026-46149 affects the Linux kernel SCSI target subsystem, specifically the configfs path in tg_pt_gp_members_show(). The function formats LUN paths with snprintf() into a 256-byte stack buffer and then copies cur_len bytes via memcpy(), but snprintf() may return a length that exceed...

7.1CVSS5.7AI score0.00139EPSS
Exploits0References8Affected Software1
osv
osv
added 2026/05/28 9:36 a.m.2 views

CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS5.8AI score0.00139EPSS
Exploits0References11
debiancve
debiancve
added 2026/05/28 9:36 a.m.12 views

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS5.7AI score0.00139EPSS
Exploits0
attackerkb
attackerkb
added 2026/05/28 9:36 a.m.11 views

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS5.7AI score0.00139EPSS
Exploits0References9Affected Software1
cvelist
cvelist
added 2026/05/28 9:36 a.m.39 views

CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS0.00139EPSS
Exploits0References8
euvd
euvd
added 2026/05/28 9:36 a.m.11 views

EUVD-2026-32776

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

5.7AI score0.00139EPSS
Exploits0References5
susecve
susecve
added 2026/05/28 3:54 a.m.10 views

SUSE CVE-2026-46009

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to do later. This leads to an oops when .allowlink fails or when .droplink is performed. Remove t...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
Rows per page
Query Builder