Lucene search
K

453 matches found

Cvelist
Cvelist
added 2026/05/08 2:22 p.m.30 views

CVE-2026-43459 ASoC: soc-core: flush delayed work before removing DAIs and widgets

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS0.00113EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:22 p.m.5 views

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

5.8AI score0.00113EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/08 2:22 p.m.16 views

CVE-2026-43459

CVE-2026-43459 concerns the Linux kernel ASoC subsystem: when unbinding a sound card while a PCM stream is active, a use-after-free can occur due to teardown ordering. The fix adds a flush in soc_cleanup_card_resources() after snd_card_disconnect_sync() and before soc_remove_dais()/soc_remove_lin...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2026/05/08 2:22 p.m.7 views

CVE-2026-43459

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in sndsocdapmstreamevent, called from the closedelayedwork workqueue handler...

7.3CVSS5.7AI score0.00113EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/08 2:21 p.m.30 views

CVE-2026-43415 scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed after ufshcdvopssuspendhba, pmop, POSTCHANGE. This creates a race...

0.00089EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-39120

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the ALSA System on Chip ASoC core. When a sound card is unbound while a PCM stream is open, the close delayed work workqueue handler calls snd soc dapm...

7.3CVSS5.5AI score0.00113EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.12 views

PT-2026-39076

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ufshcd wl suspend function. The cancel delayed work sync call is positioned after ufshcd vops suspend, allowing ufshcd rtc work to run while ufshcd vops...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-43459

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a use-after-free can occur in...

7.3CVSS5.8AI score0.00113EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ufs: core: Fix SError in ufshcdrtcwork during UFS suspend In ufshcdwlsuspend, canceldelayedworksync is called to cancel the UFS RTC work, but it is placed...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/06 1:43 a.m.12 views

SUSE CVE-2026-31731

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermalzonepmcomplete and thermalzonedeviceresume re-initialize the pollqueue delayed work for the given thermal zone, the canceldelayedworksync in...

5.7AI score0.00125EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31731

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thermal: core: Address thermal zone removal races with resume Since thermalzonepmcomplete and thermalzonedeviceresume re-initialize the pollqueue delayed work f...

7.8CVSS6.9AI score0.00125EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/01 2:14 p.m.2 views

CVE-2026-31731

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermalzonepmcomplete and thermalzonedeviceresume re-initialize the pollqueue delayed work for the given thermal zone, the canceldelayedworksync in...

5.7AI score0.00125EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/01 2:14 p.m.9 views

EUVD-2026-26544

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermalzonepmcomplete and thermalzonedeviceresume re-initialize the pollqueue delayed work for the given thermal zone, the canceldelayedworksync in...

5.8AI score0.00125EPSS
Exploits0References4
CVE
CVE
added 2026/05/01 2:14 p.m.16 views

CVE-2026-31731

In CVE-2026-31731, the Linux kernel thermal management subsystem has a race where a thermal zone removal during resume can cause use-after-free. Root cause: thermal_zone_pm_complete() and thermal_zone_device_resume() re-initialize the poll_queue delayed work, so cancel_delayed_work_sync() in ther...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.6 views

PT-2026-36366

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the thermal core due to race conditions during thermal zone removal and resume operations. The functions thermal zone pm complete and thermal zone device...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/04/25 1:38 a.m.6 views

SUSE CVE-2026-31595

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...

4.7CVSS5.5AI score0.00123EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/24 7:16 p.m.9 views

CVE-2026-31595

A flaw was found in the Linux kernel's pci-epf-vntb module. This vulnerability occurs due to improper handling of the cmdhandler work during the epfntbepccleanup process. If the delayed work is not disabled before clearing BAR mappings and doorbells, the handler can attempt to access resources th...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References4
NVD
NVD
added 2026/04/24 3:16 p.m.4 views

CVE-2026-31656

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intelengineparkheartbeat A use-after-free / refcount underflow is possible when the heartbeat worker and intelengineparkheartbeat race to release the same engine-heartbeat.systole request. T...

7.8CVSS0.00117EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.35 views

CVE-2026-31595 PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...

0.00123EPSS
Exploits0References7
CVE
CVE
added 2026/04/24 2:42 p.m.21 views

CVE-2026-31595

CVE-2026-31595 affects the Linux kernel PCI endpoint driver for the vntb (pci-epf-vntb) where the cleanup path epf_ntb_epc_cleanup does not disable the delayed work before clearing BAR mappings and doorbells. The referenced details describe that if the delayed work isn’t disabled, the cmd_handler...

5.5CVSS5.4AI score0.00123EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder