Lucene search
K

991 matches found

OSV
OSV
added 2026/07/01 2:16 p.m.3 views

UBUNTU-CVE-2026-53331

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

5.8AI score0.00172EPSS
Exploits0References10
EUVD
EUVD
added 2026/07/01 1:32 p.m.6 views

EUVD-2026-40965

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

5.8AI score0.00172EPSS
Exploits0References7
CVE
CVE
added 2026/07/01 1:32 p.m.17 views

CVE-2026-53331

The CVE-2026-53331 entry describes a Linux kernel slimbus issue in qcom-ngd-ctrl where tx_lock and slim_controller lock could be acquired in opposite orders, risking a deadlock during SSR/PDR down notification. The report explains that qcom_slim_ngd_down() → slim_report_absent() takes the slim_co...

5.8AI score0.00172EPSS
Exploits0References7
OSV
OSV
added 2026/07/01 1:32 p.m.3 views

CVE-2026-53331 slimbus: qcom-ngd-ctrl: Avoid ABBA on tx_lock/ctrl->lock

In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Avoid ABBA on txlock/ctrl-lock During the SSR/PDR down notification the txlock is taken with the intent to provide synchronization with active DMA transfers. But during this period qcomslimngddown is...

5.8AI score0.00172EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/06/24 4:30 p.m.28 views

CVE-2026-53069 net, bpf: fix null-ptr-deref in xdp_master_redirect() for down master

In the Linux kernel, the following vulnerability has been resolved: net, bpf: fix null-ptr-deref in xdpmasterredirect for down master syzkaller reported a kernel panic in bondrrgenslaveid reached via xdpmasterredirect. Full decoded trace: https://syzkaller.appspot.com/bug?extid=80e046b8da2820b6ba...

7.5CVSS0.00385EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.9 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when the PCIe device is accessible in scalable mode. The commit 4fc82cd907ac “iommu/vt-d: Do not issue ATS invalidation requests when the device is disconnected” relies on pcidevisdisconnected to...

5.5CVSS6AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: In the chips-media: wave5 module, the order of device cleanup was corrected to prevent kernel panic. The process of removing video devices was moved to the beginning of the removal function to ensure that all video operations are...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Bonding: alb: fixed a UAF in rlbarprecv during bond up/down. The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still...

7.8CVSS6.4AI score0.00126EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 8:16 a.m.10 views

CVE-2026-52912

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

7.8CVSS0.00142EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.7 views

CVE-2026-52912

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

5.7AI score0.00142EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.32 views

CVE-2026-52912 netfilter: nf_queue: hold bridge skb->dev while queued

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

7.8CVSS0.00142EPSS
Exploits0References8
CVE
CVE
added 2026/06/24 7:14 a.m.18 views

CVE-2026-52912

The CVE-2026-52912 affects the Linux kernel netfilter nf_queue handling of bridge LOCAL_IN traffic. br_pass_frame_up() rewrites skb->dev from the ingress port to the bridge master before queueing, allowing a queued bridge packet to retain a freed bridge master in skb->dev. On reinjection, b...

7.8CVSS5.7AI score0.00142EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/06/24 7:14 a.m.11 views

EUVD-2026-38715

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfqueue: hold bridge skb-dev while queued brpassframeup rewrites skb-dev from the ingress port to the bridge master before queueing bridge LOCALIN packets. NFQUEUE only holds references on state.in/out and bridge...

5.7AI score0.00142EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux

A flaw was discovered in the way RTAS handled memory accesses in user space for kernel communication. In a guest system that is under lockdown usually due to Secure Boot, running on top of PowerVM or KVM hypervisors pseries platform, a root-like local user could exploit this flaw to further...

7.2CVSS6.7AI score0.00501EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/10 5:15 p.m.12 views

EUVD-2026-36080

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could cause data exfiltration through classic...

5.7CVSS5.4AI score0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.36 views

CVE-2026-46202 HID: appletb-kbd: run inactivity autodim from workqueues

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.11 views

SUSE CVE-2026-45970

In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...

7CVSS5.7AI score0.00126EPSS
Exploits0References24
SUSE CVE
SUSE CVE
added 2026/05/28 3:53 a.m.12 views

SUSE CVE-2026-46060

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adfdevup partially completes and then fails, the IRQ handlers registered during adfisrresourcealloc are not detached before the MSI-X vectors are released. Since the device...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
Fedora
Fedora
added 2026/05/28 12:48 a.m.27 views

[SECURITY] Fedora 43 Update: python-uv-build-0.11.15-1.fc43

This package is a slimmed down version of uv containing only the build backend...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/28 12:0 a.m.34 views

Token-Level Generalization in LoRA Adapter Backdoors: Attack Characterization and Behavioral Detection

We show that LoRA adapters, the dominant distribution format for fine-tuned LLMs, can be reliably backdoored through training data poisoning while preserving baseline task performance. On a Qwen 2.5 1.5B prompt-injection classifier, a small fraction of poisoned examples drives a...

5.8AI score
Exploits0
Rows per page
Query Builder