Lucene search
K

722 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.4 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006725 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by...

7.8CVSS6AI score0.00167EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.1 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006667 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svcdeferredevent trace class Fix a NULL deref crash that occurs when an svcrqst i...

5.5CVSS6.7AI score0.00246EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/04/03 11:25 p.m.5 views

SUSE CVE-2026-31404

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svcexportput calls pathput and authdomainput immediately when the last reference drops, before the RCU grace period. RCU readers in eshow and cshow access both expath via...

4.7CVSS5.8AI score0.00121EPSS
Exploits0References12
OSV
OSV
added 2026/04/03 4:16 p.m.6 views

UBUNTU-CVE-2026-31404

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svcexportput calls pathput and authdomainput immediately when the last reference drops, before the RCU grace period. RCU readers in eshow and cshow access both expath via...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/04/03 3:16 p.m.1 views

CVE-2026-31404

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svcexportput calls pathput and authdomainput immediately when the last reference drops, before the RCU grace period. RCU readers in eshow and cshow access both expath via...

5.8AI score0.00121EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/03 3:16 p.m.12 views

CVE-2026-31404

In CVE-2026-31404, the Linux kernel NFSD component suffers a Use-After-Free: svc_export_put() releases sub-objects (path_put, auth_domain_put) immediately, before the RCU grace period, risking NULL pointer dereferences when cache_clean drops references concurrently. Fixes described in the CVE not...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/04/03 3:16 p.m.21 views

CVE-2026-31404 NFSD: Defer sub-object cleanup in export put callbacks

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svcexportput calls pathput and authdomainput immediately when the last reference drops, before the RCU grace period. RCU readers in eshow and cshow access both expath via...

7.8CVSS0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/04/03 2:16 p.m.3 views

CVE-2026-23423

In the Linux kernel, the following vulnerability has been resolved: btrfs: free pages on error in btrfsuringreadextent In this function the 'pages' object is never freed in the hopes that it is picked up by btrfsuringreadfinished whenever that executes in the future. But that's just the happy pat...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30187

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svc export put calls path put and auth domain put immediately when the last reference drops, before the RCU grace period. RCU readers in e show and c show access both ex path...

5.8AI score0.00121EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-23355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ata: libata: cancel pending work after clearing deferredqc Syzbot reported a WARNON in...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/27 8:55 p.m.6 views

CVE-2026-33904 Ella Core has a Denial of Service via SCTP connection cleanup deadlock

Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, a deadlock in the AMF's SCTP notification handler causes the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to hang, resulting in a denia...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References3
OSV
OSV
added 2026/03/26 9:27 p.m.1 views

GHSA-VFG3-PQPQ-93M4 OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete

Summary Tlon cite expansion happened before channel and DM authorization completed, allowing cite work and content handling before the final auth decision. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

5.3CVSS5.9AI score0.00247EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2026/03/26 9:27 p.m.19 views

OpenClaw: Tlon cite expansion happens before channel and DM authorization is complete

Summary Tlon cite expansion happened before channel and DM authorization completed, allowing cite work and content handling before the final auth decision. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

7.3CVSS5.8AI score0.00247EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.9 views

PT-2026-28563

Name of the Vulnerable Software and Affected Versions Ella Core versions prior to 1.7.0 Description A deadlock in the AMF's SCTP notification handler can cause the entire AMF control plane to hang until the process is restarted. An attacker with access to the N2 interface can cause Ella Core to...

7.5CVSS5.9AI score0.60368EPSS
Exploits18References46
SUSE CVE
SUSE CVE
added 2026/03/25 4:55 p.m.4 views

SUSE CVE-2026-23355

In the Linux kernel, the following vulnerability has been resolved: ata: libata: cancel pending work after clearing deferredqc Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning non-zero before issuing the deferred qc. atascsischeduledeferredqc is called during...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/25 1:39 p.m.2 views

CVE-2026-23355

A flaw was found in the Linux kernel's libata subsystem. This vulnerability occurs due to improper handling of deferred work. When ap-deferredqc is cleared, the associated queued work is not canceled, leading to the work being executed at an inappropriate time. This can result in a WARNON...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/25 12:30 p.m.9 views

EUVD-2026-15325

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

5.5AI score0.00125EPSS
Exploits0References8
EUVD
EUVD
added 2026/03/25 12:30 p.m.5 views

EUVD-2026-15330

In the Linux kernel, the following vulnerability has been resolved: ata: libata: cancel pending work after clearing deferredqc Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning non-zero before issuing the deferred qc. atascsischeduledeferredqc is called during...

5.8AI score0.00122EPSS
Exploits0References5
NVD
NVD
added 2026/03/25 11:16 a.m.0 views

CVE-2026-23395

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...

8.8CVSS0.00249EPSS
Exploits0References8
NVD
NVD
added 2026/03/25 11:16 a.m.2 views

CVE-2026-23355

In the Linux kernel, the following vulnerability has been resolved: ata: libata: cancel pending work after clearing deferredqc Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning non-zero before issuing the deferred qc. atascsischeduledeferredqc is called during...

5.5CVSS0.00122EPSS
Exploits0References4
Rows per page
Query Builder