Lucene search
K

1403 matches found

RedHat Linux
RedHat Linux
added 2026/07/08 6:13 a.m.3 views

kernel: net: mana: Fix double destroy_workqueue on service rescan PCI path

A flaw was found in the Linux kernel's mana network driver. This vulnerability, a use-after-free, occurs when the PCI service rescan path attempts to destroy an already-freed workqueue a second time. A local attacker could exploit this condition to cause a system crash, leading to a denial of...

7.8CVSS5.9AI score0.00118EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/07/08 12:22 a.m.38 views

CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...

5.4CVSS0.00394EPSS
Exploits0References6
CVE
CVE
added 2026/07/08 12:22 a.m.28 views

CVE-2026-55433

Coder: Devcontainer recreate endpoint lacked ActionUpdate authorization, allowing read-only workspace roles to trigger destructive rebuilds. Affected versions prior to 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusted by the endpoint; fix adds ActionUpdate check before dialing the agent, mirroring the d...

5.4CVSS6AI score0.00394EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/07/08 12:22 a.m.7 views

CVE-2026-55433 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, perform...

5.4CVSS6AI score0.00394EPSS
Exploits0References8
OSV
OSV
added 2026/07/07 4:41 p.m.8 views

GO-2026-5922 Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder

Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers in github.com/coder/coder...

5.4CVSS5.9AI score0.00394EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/06 9:21 p.m.4 views

kernel: net: mana: Fix double destroy_workqueue on service rescan PCI path

A flaw was found in the Linux kernel's mana network driver. This vulnerability, a use-after-free, occurs when the PCI service rescan path attempts to destroy an already-freed workqueue a second time. A local attacker could exploit this condition to cause a system crash, leading to a denial of...

7.8CVSS6.9AI score0.00118EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 9:9 p.m.4 views

GHSA-JQJ2-X4C5-JFXM Coder: Devcontainer recreate endpoint missing write authorization allows read-only roles to destroy containers

Summary The devcontainer recreate endpoint relied on route middleware that checked only ActionRead on the workspace and, unlike the sibling delete endpoint, performed no ActionUpdate check before triggering the destructive rebuild. Note: Exploitation requires an existing low-privilege role with...

5.4CVSS6AI score0.00394EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 6:31 a.m.5 views

OESA-2026-2869 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A...

9.8CVSS6.2AI score0.00595EPSS
Exploits2References46
AlmaLinux
AlmaLinux
added 2026/07/06 12:0 a.m.20 views

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fs/smb/client: fix out-of-bounds read in cifssanitizeprepath CVE-2026-43112 kernel: net: mana: Fix double destroyworkqueue on service rescan PCI path CVE-2026-43276 kernel: Linux kernel:...

9.3CVSS6.6AI score0.0053EPSS
Exploits1References24
ATTACKERKB
ATTACKERKB
added 2026/07/01 1:32 p.m.7 views

CVE-2026-53349

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: destroy stale expectfn expectations on unregister NAT helpers such as nfnath323 store a raw pointer to module text in exp-expectfn e.g. ipnatq931expect. nfcthelperexpectfnunregister only unlinks the callba...

5.8AI score0.00161EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/29 11:4 a.m.10 views

CVE-2026-53278

A flaw was found in the Linux kernel's armmpam component. This vulnerability occurs when the destroycomponentcfg function is called from mpamdisable before the configuration array has been properly allocated. This can lead to a null pointer dereference, potentially causing a system crash and...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:17 p.m.2 views

DEBIAN-CVE-2026-53278

In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53278

In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...

5.5CVSS0.00107EPSS
Exploits0References2
OSV
OSV
added 2026/06/26 8:17 p.m.14 views

UBUNTU-CVE-2026-53278

In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 7:40 p.m.8 views

EUVD-2026-39883

In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...

5.8AI score0.00107EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 10:41 a.m.5 views

EUVD-2026-39645

A flaw was found in KubeVirt's migration proxy. When spec.configuration.migrations.disableTLS is set to true on the KubeVirt custom resource, the target virt-handler binds a plain TCP listener on all interfaces 0.0.0.0/:: on a random port with no authentication, peer allow-list, or handshake toke...

8.5CVSS5.8AI score0.00175EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-52917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs when the destroy component cfg function is called from mpam disable before the configuration array has been allocated. The function attempts to use an...

5.5CVSS6AI score0.00107EPSS
Exploits0References13
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53226

In the Linux kernel, the following vulnerability has been resolved: gpio: rockchip: fix generic IRQ chip leak on remove The driver allocates domain generic chips using irqallocdomaingenericchips during probe. However, on driver remove/teardown, the generic chips are not automatically freed when t...

5.5CVSS0.00122EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.8 views

CVE-2026-53197

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.5CVSS0.00097EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.7 views

CVE-2026-53141

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SETGLOBAL ioctl, v3dperfmonfind bumps the reference count on the perfmon it returns, but v3dperfmonsetglobalioctl and v3dperfmondelete fail to release that referen...

5.5CVSS0.00121EPSS
Exploits0References3
Rows per page
Query Builder