SUSE CVE-2026-23228

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of activenumconn in ksmbdtcpnewconnection On kthreadrun failure in ksmbdtcpnewconnection, the transport is freed via freetransport, which does not decrement activenumconn, leaking this counter. Replace...

CVE-2026-23015

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

CVE-2026-23015

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003051)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003051 advisory. The tcpdisconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service tcpselectwindow divide-by-zero error and...

CVE-2025-39955 tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().

In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. syzbot reported the splat below where a socket had tcpsksk-fastopenrsk in the TCPESTABLISHED state. 0 syzbot reused the server-side TCP Fast Open socket as a new client before the...

CVE-2025-8102

The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.5.0. This is due to missing nonce validations in the eddsendwpdisconnect and eddsendwpremoteinstall functions. This makes it possible for unauthenticated attackers t...

CVE-2024-1230

The SimpleShop plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.10.0. This is due to missing or incorrect nonce validation on the maybedisconnectsimpleshop function. This makes it possible for unauthenticated attackers to disconnect the site...

UBUNTU-CVE-2021-47571

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in rtl92epcidisconnect The freertllib function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that...

The vulnerability of the disconnectVPN function in the microprogramming software for TOTOLINK X5000R allows a hacker to execute arbitrary commands.

The vulnerability of the disconnectVPN function in the microprogramming software for TOTOLINK X5000R lies in the lack of measures to protect input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

PT-2024-3479 · Totolink · Totolink X5000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X5000R version 9.1.0cu.2350 B20230313 Description: The issue is related to a command injection via the disconnectVPN function. It is caused by the lack of input data sanitization measures in the TOTOLINK X5000R router's firmware...

PT-2024-17533 · WordPress · Simpleshop

Name of the Vulnerable Software and Affected Versions: SimpleShop plugin for WordPress versions prior to 2.11 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the maybe disconnect simpleshop function. This allows unauthenticated...

CVE-2023-4247

The GiveWP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.33.3. This is due to missing or incorrect nonce validation on the givesendwpdisconnect function. This makes it possible for unauthenticated attackers to deactivate the SendWP plugin via...

AZL-31958 CVE-2023-6039 affecting package kernel 5.15.200.1-1

A use-after-free flaw was found in lan78xxdisconnect in drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx in the Linux Kernel. This flaw allows a local attacker to crash the system when the LAN78XX USB device detaches...

SUSE CVE-2015-1243

Use-after-free vulnerability in the MutationObserver::disconnect function in core/dom/MutationObserver.cpp in the DOM implementation in Blink, as used in Google Chrome before 42.0.2311.135, allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggerin...

The vulnerability of the dccp_disconnect function (net/dccp/proto.c) in the Linux operating system allows a hacker to execute arbitrary code.

The vulnerability of the dccpdisconnect function net/dccp/proto.c is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

Linux kernel denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the tcpdisconnect function in net/ipv4/tcp.c in Linux kernel version 4.12, which can be exploited by an attacker to cause a denial ...