Lucene search
+L

2004 matches found

Cvelist
Cvelist
added 2026/03/25 10:27 a.m.27 views

CVE-2026-23371 sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix missing ENQUEUEREPLENISH during PI de-boosting Running stress-ng --schedpolicy 0 on an RT kernel on a big machine might lead to the following WARNINGs edited. sched: DL de-boosted task PID 22725: REPLENISH fla...

0.00117EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:27 a.m.3 views

CVE-2026-23371

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix missing ENQUEUEREPLENISH during PI de-boosting Running stress-ng --schedpolicy 0 on an RT kernel on a big machine might lead to the following WARNINGs edited. sched: DL de-boosted task PID 22725: REPLENISH fla...

5.7AI score0.00117EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/03/25 10:27 a.m.5 views

CVE-2026-23371

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix missing ENQUEUEREPLENISH during PI de-boosting Running stress-ng --schedpolicy 0 on an RT kernel on a big machine might lead to the following WARNINGs edited. sched: DL de-boosted task PID 22725: REPLENISH fla...

5.5CVSS5.3AI score0.00117EPSS
Exploits0
OSV
OSV
added 2026/03/25 10:27 a.m.10 views

CVE-2026-23371 sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix missing ENQUEUEREPLENISH during PI de-boosting Running stress-ng --schedpolicy 0 on an RT kernel on a big machine might lead to the following WARNINGs edited. sched: DL de-boosted task PID 22725: REPLENISH fla...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References6
CVE
CVE
added 2026/03/25 10:27 a.m.30 views

CVE-2026-23371

CVE-2026-23371 (Linux kernel SCHED_DEADLINE) details (from provided docs): The vulnerability arose when a SCHED_DEADLINE task (often a lock holder) moved to a lower class via sched_setscheduler() and failed to inherit the donor DEADLINE parameters, risking bandwidth accounting corruption because ...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the possible absence of the ENQUEUEREPLENISH flag during the degradation of the SCHEDDEADLINE...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-23371

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sched/deadline: Fix missing ENQUEUEREPLENISH during PI de-boosting Running stress-ng --schedpolicy 0 on an RT kernel on a big machine might lead to the followin...

5.5CVSS6.1AI score0.00117EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/03/21 8:25 a.m.21 views

CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added five security flaws impacting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities KEV catalog, urging federal agencies to patch them by April 3, 2026. The vulnerabilities that have come under...

10CVSS7.5AI score0.99829EPSS
Exploits21
HackRead
HackRead
added 2026/03/13 11:27 a.m.8 views

US Agencies Face CISA Deadline Over Critical Cisco SD-WAN Flaw

US agencies race to meet a CISA deadline after a critical Cisco SD-WAN Flaw exposed federal networks to long-term intrusion and forced security action...

5.8AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2026/03/12 6:0 p.m.11 views

US Lawmakers Move to Kill the FBI’s Warrantless Wiretap Access

A bipartisan bill would force the FBI to get a warrant to read Americans’ messages and ban the federal purchase of commercial data on US residents ahead of a critical April deadline...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/05 4:15 p.m.4 views

CVE-2026-26999 Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (slowloris doS)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared befor...

7.5CVSS6AI score0.00539EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2026/03/04 6:29 p.m.5 views

Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (Slowloris DOS)

Impact There is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared before the TLS handshake is completed. When a TLS handshake read error occurs, the code...

7.5CVSS6.2AI score0.00539EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2026/03/04 6:29 p.m.2 views

GHSA-XW98-5Q62-JX94 Traefik: tcp router clears read deadlines before tls forwarding, enabling stalled handshakes (Slowloris DOS)

Impact There is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared before the TLS handshake is completed. When a TLS handshake read error occurs, the code...

7.5CVSS6.2AI score0.00539EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.11 views

PT-2026-23084

Name of the Vulnerable Software and Affected Versions Traefik versions prior to 2.11.38 and versions prior to 3.6.9 Description Traefik, an HTTP reverse proxy and load balancer, has an issue in its handling of TLS handshakes on TCP routers. The read deadline used for protocol sniffing is cleared...

9.9CVSS6.1AI score0.22162EPSS
Exploits70References138
The Hacker News
The Hacker News
added 2026/02/21 7:21 a.m.15 views

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2025-49113 CVSS...

9.9CVSS9.4AI score0.94741EPSS
Exploits30
Github Security Blog
Github Security Blog
added 2026/02/12 3:29 p.m.13 views

webtransport-go: CloseWithError can block indefinitely

Summary An attacker can cause a denial of service in webtransport-go by preventing or indefinitely delaying WebTransport session closure. A malicious peer can withhold QUIC flow control credit on the CONNECT stream, blocking transmission of the WTCLOSESESSION capsule and causing the close operati...

7.5CVSS5.7AI score0.00413EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/02/12 3:29 p.m.7 views

GHSA-PX4R-G4P3-HHQV webtransport-go: CloseWithError can block indefinitely

Summary An attacker can cause a denial of service in webtransport-go by preventing or indefinitely delaying WebTransport session closure. A malicious peer can withhold QUIC flow control credit on the CONNECT stream, blocking transmission of the WTCLOSESESSION capsule and causing the close operati...

5.3CVSS5.7AI score0.00413EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.13 views

PT-2026-4276

Edge Crisis: CISA added two critical vulnerabilities to the Known Exploited Vulnerabilities catalog yesterday. CVE-2026-21809 and CVE-2026-21810 target Citrix Workspace and Ivanti Connect Secure. Federal agencies have until February 11 to remediate...

5.5AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/15 4:40 a.m.6 views

CVE-2025-68780

A scheduling flaw was found in the Linux kernel's SCHEDDEADLINE implementation. The cpudlclear function can incorrectly set the freecpus bit for an offline CPU. This causes deadline tasks to be pushed to powered-down CPUs, where they cannot execute, resulting in task starvation for SCHEDDEADLINE...

5.5CVSS5.2AI score0.00173EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/15 12:26 a.m.5 views

SUSE CVE-2025-68780

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: only set freecpus for online runqueues Commit 16b269436b72 "sched/deadline: Modify cpudl::freecpus to reflect rd-online" introduced the cpudlset/clearfreecpu functions to allow the cpudl::freecpus mask to be...

6.5AI score0.00173EPSS
Exploits0References3
Rows per page
Query Builder