Lucene search
K

51406 matches found

EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38955

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

5.8AI score0.00376EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:30 p.m.8 views

CVE-2026-53071

CVE-2026-53071 concerns the Linux kernel Bluetooth L2CAP implementation. The flaw arises when l2cap_ecred_reconf_rsp() deletes a channel without holding l2cap_chan_lock(), unlike other callers which acquire the lock first. This can allow a remote BLE device to corrupt the channel list while anoth...

8.8CVSS5.8AI score0.00146EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.25 views

CVE-2026-53071 Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Add missing chan lock in l2capecredreconfrsp l2capecredreconfrsp calls l2capchandel without holding l2capchanlock. Every other l2capchandel caller in the file acquires the lock first. A remote BLE device can sen...

8.8CVSS0.00146EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38933

In the Linux kernel, the following vulnerability has been resolved: ASoC: sti: use managed regmapfield allocations The regmapfield objects allocated at player init are never freed and may leak resources if the driver is removed. Switch to devmregmapfieldalloc to automatically limit the lifetime o...

5.7AI score0.00172EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53062

The CVE-2026-53062 entry describes a Linux kernel flaw in the dm-cache policy smq in passthrough mode where invalidate_mapping is invoked concurrently by multiple workers without proper locking. This race can cause data races on the allocated blocks counter and potential use-after-free issues in ...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38931

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix write hang in passthrough mode The invalidateremove function has incomplete logic for handling write hit bios after cache invalidation. It sets up the remapping for the overwritebio but then drops it immediately...

5.7AI score0.0018EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38930

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: fix missing locks in invalidating cache blocks In passthrough mode, the policy invalidatemapping operation is called simultaneously from multiple workers, thus it should be protected by a lock. Otherwise, we...

5.7AI score0.00125EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38929

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix dirty mapping checking in passthrough mode switching As mentioned in commit 9b1cc9f251af "dm cache: share cache-metadata object across inactive and active DM tables", dm-cache assumed table reload occurs after...

5.7AI score0.00176EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.25 views

CVE-2026-53059 dm log: fix out-of-bounds write due to region_count overflow

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

0.0013EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38927

In the Linux kernel, the following vulnerability has been resolved: dm log: fix out-of-bounds write due to regioncount overflow The local variable regioncount in createlogcontext is declared as unsigned int 32-bit, but dmsectordivup returns sectort 64-bit. When a device-mapper target has a...

5.8AI score0.0013EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 4:30 p.m.6 views

CVE-2026-53059

CVE-2026-53059 affects the Linux kernel device-mapper log (dm_log) component. The root cause is an integer overflow: region_count is 32-bit, while dm_sector_div_up() returns 64-bit, so a large ti->len with a small region_size can overflow UINT_MAX. This truncation leads to undersized bitsets a...

6.3CVSS5.8AI score0.0013EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/24 4:30 p.m.4 views

EUVD-2026-38925

In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Add IOTINVAL after updating DDT/PDT entries Add riscviommuiodiriotinval to perform required TLB and context cache invalidations after updating DDT or PDT entries, as mandated by the RISC-V IOMMU specification Section...

5.7AI score0.00127EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 4:29 p.m.4 views

EUVD-2026-38921

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

5.7AI score0.00128EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.26 views

CVE-2026-53053 iommu/amd: Fix clone_alias() to use the original device's devid

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

8.8CVSS0.00128EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:29 p.m.6 views

CVE-2026-53053

The CVE-2026-53053 issue lies in the Linux kernel’s iommu/amd driver where clone_alias() incorrectly uses the wrong device ID (devid) for alias devices, risking propagation of wrong or stale Device Table Entries (DTEs). The fix passes the original pdev as opaque data to both clone_alias() and pci...

8.8CVSS5.7AI score0.00128EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 4:29 p.m.5 views

EUVD-2026-38910

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.8AI score0.00166EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.9 views

CVE-2026-53042

In CVE-2026-53042, the Linux kernel vulnerability stems from an initialization order: CXL is linked before fwctl in drivers/Makefile, causing fwctl_register to run before fwctl_init, so fwctl_class isn’t registered when device_add is called. This makes class_to_subsys() return NULL, skipping knod...

5.8AI score0.00166EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.26 views

CVE-2026-53025 greybus: raw: fix use-after-free on cdev close

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.9 views

CVE-2026-53025

Summary of CVE-2026-53025 : The Linux kernel’s Greybus raw subsystem is affected by a use-after-free when a raw bundle is disconnected while its chardev remains open, leading to a kernel panic and potential DoS. The issue occurs because the cdev can be released after freeing memory, creating an i...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/24 4:29 p.m.5 views

CVE-2026-53014

CVE-2026-53014 : In the Linux kernel, the net/sched component (act_mirred) had a bug in tcf_blockcast_redir where the mac_header_xmit flag was checked on the wrong device during redirection across multiple devices. The loop sends to dev_prev but queries dev_is_mac_header_xmit(dev), which checks t...

5.7AI score0.00168EPSS
Exploits0References4
Rows per page
Query Builder