Lucene search
K

1618 matches found

NVD
NVD
added 2026/06/16 6:16 a.m.11 views

CVE-2026-10635

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

6.3CVSS0.00164EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/06/15 2:29 a.m.5 views

kernel: net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

7.8CVSS6.1AI score0.00226EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/15 2:29 a.m.7 views

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS6.5AI score0.00353EPSS
Exploits4References4
SUSE CVE
SUSE CVE
added 2026/06/09 2:21 a.m.15 views

SUSE CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

7CVSS5.4AI score0.00138EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 4:16 p.m.10 views

CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

7.8CVSS0.00138EPSS
Exploits0References5
OSV
OSV
added 2026/06/08 4:16 p.m.4 views

UBUNTU-CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

8.5CVSS5.3AI score0.00138EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/08 2:30 p.m.8 views

CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

5.3AI score0.00138EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/06/08 2:30 p.m.39 views

CVE-2026-46274

CVE-2026-46274 (Linux kernel, io_wq) has concrete details: a bug in io_wq_remove_pending() allowed a non-hashed predecessor to be treated as hashed, causing a stale pointer in wq->hash_tail[] to persist and be dereferenced by future hashed bucket-0 enqueues. The root cause is that io_get_work_...

7.8CVSS5.4AI score0.00138EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47326

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description A flaw exists in the io wq remove pending function where it fails to verify if a predecessor entry is hashed when updating the wq-hash tail array. When a hashed bucket-0 work item is...

9.8CVSS5.2AI score0.00457EPSS
Exploits1References65
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash...

7.8CVSS6AI score0.00138EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.8 views

CVE-2026-6722

A flaw was found in PHP's SOAP extension. This vulnerability allows a remote attacker to execute arbitrary code on the affected system. The issue stems from a use-after-free error in the object deduplication mechanism, which can be triggered by sending a specially crafted SOAP request. This allow...

9.8CVSS6AI score0.00739EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/30 2:8 a.m.20 views

SUSE CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

8.6CVSS6.5AI score0.01272EPSS
Exploits0References11
OSV
OSV
added 2026/05/23 11:25 a.m.6 views

CLSA-2026-1779535502 unbound: Fix of CVE-2026-33278

CVE-2026-33278: possible remote code execution during DNSSEC validation via a dangling rrsets pointer in dnsmsgdeepcopyregion exposed by the backported KeyTrap mitigation...

10CVSS6.4AI score0.01272EPSS
Exploits0References1
OSV
OSV
added 2026/05/23 10:58 a.m.8 views

CLSA-2026-1779533909 unbound: Fix of 3 CVEs

CVE-2026-33278: dangling pointer dereference in dnsmsgdeepcopyregion during DS sub-query suspend/resume; the previously-backported CVE-2023-50387-CVE-2023-50868.patch dragged the vulnerable 'res-rep = origin-rep;' struct-assignment into our 1.16.2 tree. Save the destination rrsets pointer,...

10CVSS7AI score0.99995EPSS
Exploits1References1
OSV
OSV
added 2026/05/22 4:35 p.m.8 views

CLSA-2026-1779467733 unbound: Fix of CVE-2026-33278

CVE-2026-33278: fix dangling pointer use-after-free in dnsmsgdeepcopyregion...

10CVSS5.8AI score0.01272EPSS
Exploits0References1
OSV
OSV
added 2026/05/22 4:24 p.m.13 views

CLSA-2026-1779467038 unbound: Fix of CVE-2026-33278

CVE-2026-33278: fix dangling pointer use-after-free in dnsmsgdeepcopyregion...

10CVSS5.8AI score0.01272EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/20 1:3 p.m.7 views

kernel: net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

7.8CVSS6.3AI score0.00226EPSS
Exploits0References5
NVD
NVD
added 2026/05/20 10:16 a.m.18 views

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

10CVSS0.01272EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/20 9:18 a.m.10 views

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

10CVSS6.5AI score0.01272EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: xfs: Do not perform irele after failing to perform iget in xfsattrirecoverwork. xlogrecoveryiget never sets @ip to a valid pointer if it returns an error; therefore, this irele will cause a dangling pointer. This issue has bee...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References1
Rows per page
Query Builder