Lucene search
K

16498 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 1:11 a.m.6 views

CVE-2026-53233

A flaw was found in the Linux kernel. A double-free vulnerability exists within the netdevnlbindrxdoit function, which is responsible for binding network device receive operations. This vulnerability arises when genlmsgreply consumes the socket buffer skb, and the error handling path subsequently...

7CVSS6.2AI score0.00175EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/26 12:17 a.m.7 views

CVE-2026-53198

A flaw was found in ksmbd, a Linux kernel module that provides an in-kernel SMB server. An authenticated SMB client can trigger a use-after-free vulnerability by sending a double SMB2CANCEL request for the same asynchronous operation. This can lead to memory corruption, potentially allowing an...

8.8CVSS6.1AI score0.00466EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52925

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the idpf driver where a double free and use-after-free occur during auxiliary device error paths. When the auxiliary device add function fails within idpf plug vport a...

5.8AI score0.00169EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.22 views

PT-2026-52933

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the mailbox-test component where a double-free occurs during the process of freeing channels. This happens because the RX channel can be aliased to the TX channel if i...

5.7AI score0.00177EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Curl 8.15.0 < 8.21.0 SASL Double-Free

The version of curl installed on the remote host is 8.15.0 prior to 8.21.0. It is, therefore, affected by a double-free vulnerability: - The curl logic that works with SASL authentication could end up cleaning up the GSASL context twice without clearing the pointer in between, making it free the...

5.8AI score0.00248EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

Debian dla-4650 : giflib-tools - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4650 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4650-1 [email protected]...

8.2CVSS6.8AI score0.00618EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.15 views

PT-2026-52936

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the mana remove function where a double invocation can lead to a kernel panic. This occurs when a Power Management PM resume fails, causing mana probe to call mana remov...

5.8AI score0.00166EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.9 views

Oracle Linux 9 : kernel (ELSA-2026-27789)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27789 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177392 CVE-2026-46331 - scsi: qla2xxx: Completely fix fcport doub...

9.8CVSS7.2AI score0.00563EPSS
Exploits13References18
RedHat Linux
RedHat Linux
added 2026/06/25 11:21 p.m.5 views

kernel: scsi: qla2xxx: Completely fix fcport double free

A flaw was found in the Linux kernel's qla2xxx SCSI driver. An issue exists where a Fibre Channel port fcport object can be freed twice due to an error in the qla2x00elsdcmdspfree function. This double free vulnerability can lead to memory corruption, potentially causing system instability or a...

9.8CVSS5.7AI score0.0038EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 11:21 p.m.6 views

kernel: nvmet-tcp: fix race between ICReq handling and queue teardown

A flaw was found in the Linux kernel's NVMe over TCP nvmet-tcp implementation. A race condition exists between the handling of an Initialization Connection Request ICReq and the teardown of a queue. A remote attacker, by sending an ICReq and immediately closing the connection, could trigger a...

9.8CVSS5.8AI score0.00353EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/25 9:55 p.m.5 views

CVE-2026-52993

A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC module. This vulnerability, a double-free, occurs when the tipcbufappend function incorrectly handles memory after a socket buffer skb reallocation. An attacker could potentially exploit this to cause system...

9.8CVSS6.2AI score0.00351EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 9:21 p.m.7 views

CVE-2026-53009

A flaw was found in the Linux kernel's ice network driver. An error in the driver's handling of network packet transmission, specifically when icetso or icetxcsum functions fail, can lead to a double-free of a network buffer skb. This occurs because a transmit buffer txbuf may still point to an...

7.8CVSS6AI score0.00123EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 6:41 p.m.5 views

EUVD-2026-39535

SeaweedFS is a distributed storage system for object storage S3, file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers with mux.NewRouter.SkipCleantrue. With path cleaning disabled, a .. segment inside the URL survives...

7.8CVSS5.9AI score0.00345EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:44 p.m.3 views

CVE-2026-55699

pnpm is a package manager. Prior to 10.34.2 and 11.5.3, Manifest bin object keys such as "", ".", and ".." passed pnpm's bin-name guard. When a malicious package was installed globally, later global remove, update, or add-replacement flows could re-derive those names from the installed manifest a...

6.5CVSS5.9AI score0.00286EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53233

In the Linux kernel, the following vulnerability has been resolved: netdev: fix double-free in netdevnlbindrxdoit Sashiko flags that genlmsgreply always consumes the skb. The error path calls nlmsgfreersp so we can't jump directly to it. Let's not unbind, just propagate the error to the user. Thi...

0.00175EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS0.00466EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53233

In the Linux kernel, the following vulnerability has been resolved: netdev: fix double-free in netdevnlbindrxdoit Sashiko flags that genlmsgreply always consumes the skb. The error path calls nlmsgfreersp so we can't jump directly to it. Let's not unbind, just propagate the error to the user. Thi...

5.7AI score0.00175EPSS
Exploits0References7
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References9
CVE
CVE
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53233

In the Linux kernel, CVE-2026-53233 concerns a double-free in netdev_nl_bind_rx_doit(). The fix addresses a faulty interaction with genlmsg_reply(), where genlmsg_reply() is expected to consume the skb. The error path previously invoked nlmsg_free(rsp), which was incompatible with unbinding flow;...

5.7AI score0.00175EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39324

In the Linux kernel, the following vulnerability has been resolved: netdev: fix double-free in netdevnlbindrxdoit Sashiko flags that genlmsgreply always consumes the skb. The error path calls nlmsgfreersp so we can't jump directly to it. Let's not unbind, just propagate the error to the user. Thi...

5.7AI score0.00175EPSS
Exploits0References4
Rows per page
Query Builder