Lucene search
K

253 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-53161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP response...

7.8CVSS6AI score0.00135EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/26 7:40 p.m.7 views

EUVD-2026-39895

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

5.8AI score0.00124EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 7:40 p.m.3 views

CVE-2026-53290 drm/xe/eustall: Fix drm_dev_put called before stream disable in close

In the Linux kernel, the following vulnerability has been resolved: drm/xe/eustall: Fix drmdevput called before stream disable in close In xeeustallstreamclose, drmdevput is called before the stream is disabled and its resources are freed. If this drops the last reference, the device structures...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:38 a.m.7 views

EUVD-2026-39252

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP responses. When the user closes the file descriptor, fastrpcdevicerelease fre...

5.7AI score0.00135EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:38 a.m.19 views

CVE-2026-53161

The CVE-2026-53161 entry concerns a use-after-free in the Linux kernel fastrpc subsystem. A race between fastrpc_device_release() (on file close) and the workqueue processing DSP responses can free the fastrpc_user while an in-flight DSP invocation is completing, leading to dereferencing freed co...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.32 views

CVE-2026-53161 misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free of fastrpcuser in workqueue context There is a race between fastrpcdevicerelease and the workqueue that processes DSP responses. When the user closes the file descriptor, fastrpcdevicerelease fre...

7.8CVSS0.00135EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52252

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Use-after-free bugs exist in the error paths of the nvmem core. The issue occurs when the nvmem device put function is called, potentially freeing underlying memory and resources, while...

7.8CVSS6AI score0.00125EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52257

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between fastrpc device release and the workqueue processing DSP responses. When a user closes a file descriptor, fastrpc device release frees the fastrpc user...

7.8CVSS6AI score0.00135EPSS
Exploits0References22
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53025

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...

7.8CVSS0.00129EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.29 views

CVE-2026-53025 greybus: raw: fix use-after-free on cdev close

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.9 views

CVE-2026-53025

Summary of CVE-2026-53025 : The Linux kernel’s Greybus raw subsystem is affected by a use-after-free when a raw bundle is disconnected while its chardev remains open, leading to a kernel panic and potential DoS. The issue occurs because the cdev can be released after freeing memory, creating an i...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fixed the handling of device lifecycle in cssallocsubchannel. cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel...

5.5CVSS6AI score0.00126EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.14 views

PT-2026-51919

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the greybus raw component. The problem occurs when a raw bundle is disconnected while its character device chardev remains open by an application. Becaus...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Fixed an unbalanced fwnode reference count in mdiodevicerelease. There is a warning report regarding a refcount leak when probing the mdio device: OF: Error: Memory leak; the expected refcount was 1 instead of 2. The...

5.5CVSS5.9AI score0.00243EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/08 3:41 p.m.45 views

CVE-2026-46283 tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

0.00122EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/08 3:41 p.m.12 views

EUVD-2026-35148

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

5.5AI score0.00122EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the tpmdevrelease function not properly releasing the authentication session using kfreesensitive,...

5.5CVSS5.4AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 9:36 a.m.12 views

EUVD-2026-32792

In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...

5.8AI score0.00099EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/28 9:36 a.m.12 views

EUVD-2026-32789

In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninit&sfdev-adev. The device release callback icesfdevrelease frees sfdev, but th...

5.8AI score0.00138EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a count leak in the usbdev driver of the ALSA caiaq library. This vulnerability may lead to devic...

5.8AI score0.00123EPSS
Exploits0References5
Rows per page
Query Builder