733 matches found
CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
CVE-2026-43376
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...
CVE-2026-43376 ksmbd: fix use-after-free by using call_rcu() for oplock_info
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...
CVE-2026-43376
CVE-2026-43376 affects ksmbd in the Linux kernel. The vulnerability arises from freeing oplock_info with kfree() while it can still be accessed under RCU read-side critical sections (e.g., opinfo_get), allowing a use-after-free. The fixes across connected reports switch to deferred freeing via ca...
CVE-2026-43374
Summary: CVE-2026-43374 affects the Linux kernel networking code (net: nexthop). The vuln arises when removing a nexthop from a group: remove_nh_grp_entry() publishes the new group via rcu_assign_pointer() and then immediately frees the removed entry’s percpu stats with free_percpu(), while the s...
CVE-2026-43374
In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...
PT-2026-39035
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the remove nh grp entry function. The system publishes a new group using rcu assign pointer and immediately frees the removed...
PT-2026-39037
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ksmbd module. The system frees the oplock info structure immediately using kfree, while it is still being accessed under RCU Read-Copy-Update read-si...
SUSE CVE-2026-43074
In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...
CVE-2026-43074
CVE-2026-43074 affects the Linux kernel eventpoll code. The vulnerability arises from ep_free() freeing the eventpoll structure while still in use by another thread, creating a use-after-free (UAF). The fix defers kfree() of the epi->ep struct to an RCU grace period to prevent UAF; multiple so...
CVE-2026-31733
In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...
Linux Distros Unpatched Vulnerability : CVE-2026-31481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registrati...
SUSE CVE-2026-31665
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...
DEBIAN-CVE-2026-31665
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...
CVE-2026-31665
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix use-after-free in timeout object destroy nftcttimeoutobjdestroy frees the timeout object with kfree immediately after nfctuntimeout, without waiting for an RCU grace period. Concurrent packet processing on...
CVE-2026-31578
In the Linux kernel, the following vulnerability has been resolved: media: as102: fix to not free memory after the device is registered in as102usbprobe In as102usb driver, the following race condition occurs: CPU0 CPU1 as102usbprobe kzalloc; // alloc as102devt .... usbregisterdev; fd =...
SUSE CVE-2026-31481
In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...
EUVD-2026-24841
In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...
CVE-2026-31481
In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...
CVE-2026-31481 tracing: Drain deferred trigger frees if kthread creation fails
In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registration can fail before the trigger-data cleanup kthread exists. Deferring those frees until late init is fine, but the post-boot fallback mus...