Lucene search
K

453 matches found

OSV
OSV
added 2026/04/06 8:16 a.m.9 views

UBUNTU-CVE-2026-31406

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini After canceldelayedworksync is called from xfrmnatkeepalivenetfini, xfrmstatefini flushes remaining states via xfrmstatedelete, which calls...

7.8CVSS5.7AI score0.00159EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/04/06 7:38 a.m.30 views

CVE-2026-31406 xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini After canceldelayedworksync is called from xfrmnatkeepalivenetfini, xfrmstatefini flushes remaining states via xfrmstatedelete, which calls...

7.8CVSS0.00159EPSS
Exploits0References4
CVE
CVE
added 2026/04/06 7:38 a.m.19 views

CVE-2026-31406

The CVE-2026-31406 issue is a race in the Linux kernel xfrm path during network cleanup. After cancel_delayed_work_sync() is invoked from xfrm_nat_keepalive_net_fini(), xfrm_state_fini() flushes states and __xfrm_state_delete() calls xfrm_nat_keepalive_state_updated(), which can re-schedule nat_k...

7.8CVSS5.7AI score0.00159EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:38 a.m.5 views

CVE-2026-31406

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini After canceldelayedworksync is called from xfrmnatkeepalivenetfini, xfrmstatefini flushes remaining states via xfrmstatedelete, which calls...

5.7AI score0.00159EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2026/04/06 7:38 a.m.2 views

CVE-2026-31406

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini After canceldelayedworksync is called from xfrmnatkeepalivenetfini, xfrmstatefini flushes remaining states via xfrmstatedelete, which calls...

7.8CVSS5.2AI score0.00159EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.3 views

PT-2026-30574

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the xfrm subsystem related to the handling of delayed work cancellation in xfrm nat keepalive net fini. Specifically, the use of cancel delayed wo...

7.8CVSS5.7AI score0.00159EPSS
Exploits0References34
UbuntuCve
UbuntuCve
added 2026/04/06 12:0 a.m.5 views

CVE-2026-31406

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrmnatkeepalivenetfini After canceldelayedworksync is called from xfrmnatkeepalivenetfini, xfrmstatefini flushes remaining states via xfrmstatedelete, which calls...

7.8CVSS5.7AI score0.00159EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/03/25 4:54 p.m.6 views

SUSE CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7CVSS5.7AI score0.001EPSS
Exploits0References22
EUVD
EUVD
added 2026/03/25 12:30 p.m.6 views

EUVD-2026-15394

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

5.7AI score0.001EPSS
Exploits0References5
NVD
NVD
added 2026/03/25 11:16 a.m.3 views

CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7.8CVSS0.001EPSS
Exploits0References4
OSV
OSV
added 2026/03/25 11:16 a.m.5 views

UBUNTU-CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7.8CVSS5.7AI score0.001EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/03/25 11:16 a.m.5 views

CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7.8CVSS5.7AI score0.001EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/25 10:33 a.m.3 views

CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

5.6AI score0.001EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/03/25 10:33 a.m.18 views

CVE-2026-23393

CVE-2026-23393 – Linux kernel (bridge/cfm) race fix : A race during peer MEP deletion could occur because br_cfm_frame_rx() could re-schedule ccm_rx_dwork while peer_mep is freed under RCU, risking use-after-free. The fix replaces cancel_delayed_work_sync() with disable_delayed_work_sync() in bot...

7.8CVSS5.7AI score0.001EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/25 10:33 a.m.2 views

CVE-2026-23393 bridge: cfm: Fix race condition in peer_mep deletion

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7.8CVSS5.7AI score0.001EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/03/25 10:33 a.m.25 views

CVE-2026-23393 bridge: cfm: Fix race condition in peer_mep deletion

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However, brcfmframerx runs in softirq context under rcureadlock without RTNL and...

7.8CVSS0.001EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23393

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bridge: cfm: Fix race condition in peermep deletion When a peer MEP is being deleted, canceldelayedworksync is called on ccmrxdwork before freeing. However,...

7.8CVSS6.1AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/03/11 12:27 a.m.6 views

SUSE CVE-2026-23240

In the Linux kernel, the following vulnerability has been resolved: tls: Fix race condition in tlsswcancelworktx This issue was discovered during a code audit. After canceldelayedworksync is called from tlsskprotoclose, txworkhandler can still be scheduled from paths such as the Delayed ACK handl...

7CVSS5.7AI score0.0049EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-23240

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tls: Fix race condition in tlsswcancelworktx This issue was discovered during a code audit. After canceldelayedworksync is called from tlsskprotoclose,...

9.8CVSS5.8AI score0.0049EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/10 6:31 p.m.2 views

EUVD-2026-10575

In the Linux kernel, the following vulnerability has been resolved: tls: Fix race condition in tlsswcancelworktx This issue was discovered during a code audit. After canceldelayedworksync is called from tlsskprotoclose, txworkhandler can still be scheduled from paths such as the Delayed ACK handl...

5.6AI score0.0049EPSS
Exploits0References5
Rows per page
Query Builder