Lucene search
K

814 matches found

NVD
NVD
added 2026/06/24 8:16 a.m.14 views

CVE-2026-52938

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL pointer dereference in bpfskstorageclone and diag paths bpfselemunlinknofail sets SDATAselem-smap to NULL before removing the selem from the storage hlist. A concurrent RCU reader in bpfskstorageclone can observe th...

5.5CVSS0.001EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 8:16 a.m.8 views

CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

7.1CVSS0.00126EPSS
Exploits0References8
OSV
OSV
added 2026/06/24 8:16 a.m.8 views

UBUNTU-CVE-2026-52938

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL pointer dereference in bpfskstorageclone and diag paths bpfselemunlinknofail sets SDATAselem-smap to NULL before removing the selem from the storage hlist. A concurrent RCU reader in bpfskstorageclone can observe th...

5.5CVSS5.6AI score0.001EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 8:16 a.m.3 views

UBUNTU-CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

7.1CVSS5.6AI score0.00126EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.37 views

CVE-2026-52938 bpf: Fix NULL pointer dereference in bpf_sk_storage_clone and diag paths

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL pointer dereference in bpfskstorageclone and diag paths bpfselemunlinknofail sets SDATAselem-smap to NULL before removing the selem from the storage hlist. A concurrent RCU reader in bpfskstorageclone can observe th...

0.001EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.8 views

CVE-2026-52938

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix NULL pointer dereference in bpfskstorageclone and diag paths bpfselemunlinknofail sets SDATAselem-smap to NULL before removing the selem from the storage hlist. A concurrent RCU reader in bpfskstorageclone can observe th...

5.7AI score0.001EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 7:14 a.m.43 views

CVE-2026-52917

Summary (concrete details from provided sources): CVE-2026-52917 fixes a Linux kernel SCTP diagnostics flaw in the sock_diag lookup during the dump_one path. The issue occurs when an SCTP association has been freed but is still being reported, allowing the code to dereference an invalid associati...

7.1CVSS5.7AI score0.00126EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52917

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

5.7AI score0.00126EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/06/24 7:14 a.m.11 views

EUVD-2026-38720

In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after sctpassociationfree has marked the association dead and freed its bin...

5.7AI score0.00126EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.18 views

PT-2026-51731

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference exists in the BPF Berkeley Packet Filter subsystem. The function bpf selem unlink nofail sets the smap variable to NULL before removing the element from the...

5.5CVSS5.8AI score0.001EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-52917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: diag: reject stale associations in dumpone path The SCTP exact sockdiag lookup can hold a transport reference, block on locksocksk, and then resume after...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.11 views

CVE-2026-43916

pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINKSOCKDIAG reply to slip past the message-size check, then...

8.7CVSS5.7AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/05/25 11:16 p.m.17 views

CVE-2026-9514

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. Impacted is the function setNetworkDiag of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop is...

6.5CVSS0.01803EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/25 10:45 p.m.35 views

CVE-2026-9514 Totolink CA750-PoE Setting cstecgi.cgi setNetworkDiag os command injection

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. Impacted is the function setNetworkDiag of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop is...

6.5CVSS0.01803EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 10:45 p.m.13 views

CVE-2026-9514

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. Impacted is the function setNetworkDiag of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument NetDiagHost/NetDiagPingNum/NetDiagPingSize/NetDiagPingTimeOut/NetDiagTracertHop is...

6.5CVSS6.4AI score0.01803EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/20 7:23 a.m.10 views

MAL-2026-4481 Malicious code in arc-diag-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95f08d97107d726a6ae90afbf8e354b84a7e13d4a236bc8766180a362cc8344c On npm install, the package's postinstall hook runs id to capture the installer's uid/gid/group identity and opens a raw TCP socket to...

5.8AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.11 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xsk: Fixed an use-after-free error during socket cleanup. A use-after-free error could occur if the xskdiag interface is used after the socket has been unbound from the device. This can happen either due to the socket being...

7.8CVSS6.7AI score0.00141EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: s390/diag: fixed the issue ofracy access to the physical CPU number in the diag 9c handler. We currently check if the target CPU equals -1, but this may change at a later time when we will use this functionality. We store th...

7.8CVSS6.2AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: i40e: Fixed the call trace in setuptxdescriptors. After a PF reset and using ethtool -t, there was a call trace in dmesg. Sometimes this led to a panic. After some time, approximately 5 seconds, between a reset and a test, the...

5.5CVSS6.3AI score0.00276EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: CFI: Fixed the use of cfislowpathdiag with cpuidle. The use of RCUNONIDLE during cfislowpathdiag can result in an invalid RCU state in the cpuidle code path. WARNING: CPU: 1, PID: 0, at kernel/rcu/tree.c:613, rcueqsenter+0xe4/0x1...

5.5CVSS5.9AI score0.00243EPSS
Exploits0References2
Rows per page
Query Builder