1618 matches found
CVE-2026-10635
On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...
kernel: net: af_can: do not leave a dangling sk pointer in can_create()
In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
SUSE CVE-2026-46274
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...
CVE-2026-46274
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...
UBUNTU-CVE-2026-46274
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...
CVE-2026-46274
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...
CVE-2026-46274
CVE-2026-46274 (Linux kernel, io_wq) has concrete details: a bug in io_wq_remove_pending() allowed a non-hashed predecessor to be treated as hashed, causing a stale pointer in wq->hash_tail[] to persist and be dereferenced by future hashed bucket-0 enqueues. The root cause is that io_get_work_...
PT-2026-47326
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description A flaw exists in the io wq remove pending function where it fails to verify if a predecessor entry is hashed when updating the wq-hash tail array. When a hashed bucket-0 work item is...
Linux Distros Unpatched Vulnerability : CVE-2026-46274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash...
CVE-2026-6722
A flaw was found in PHP's SOAP extension. This vulnerability allows a remote attacker to execute arbitrary code on the affected system. The issue stems from a use-after-free error in the object deduplication mechanism, which can be triggered by sending a specially crafted SOAP request. This allow...
SUSE CVE-2026-33278
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...
CLSA-2026-1779535502 unbound: Fix of CVE-2026-33278
CVE-2026-33278: possible remote code execution during DNSSEC validation via a dangling rrsets pointer in dnsmsgdeepcopyregion exposed by the backported KeyTrap mitigation...
CLSA-2026-1779533909 unbound: Fix of 3 CVEs
CVE-2026-33278: dangling pointer dereference in dnsmsgdeepcopyregion during DS sub-query suspend/resume; the previously-backported CVE-2023-50387-CVE-2023-50868.patch dragged the vulnerable 'res-rep = origin-rep;' struct-assignment into our 1.16.2 tree. Save the destination rrsets pointer,...
CLSA-2026-1779467733 unbound: Fix of CVE-2026-33278
CVE-2026-33278: fix dangling pointer use-after-free in dnsmsgdeepcopyregion...
CLSA-2026-1779467038 unbound: Fix of CVE-2026-33278
CVE-2026-33278: fix dangling pointer use-after-free in dnsmsgdeepcopyregion...
kernel: net: af_can: do not leave a dangling sk pointer in can_create()
In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...
CVE-2026-33278
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...
CVE-2026-33278
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: xfs: Do not perform irele after failing to perform iget in xfsattrirecoverwork. xlogrecoveryiget never sets @ip to a valid pointer if it returns an error; therefore, this irele will cause a dangling pointer. This issue has bee...