Lucene search
K

47 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53120

In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...

5.7AI score0.00157EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/24 4:30 p.m.5 views

EUVD-2026-38988

In the Linux kernel, the following vulnerability has been resolved: PCI: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause ...

5.7AI score0.00157EPSS
Exploits0References4
CVE
CVE
added 2026/06/24 4:30 p.m.18 views

CVE-2026-53120

The CVE-2026-53120 entry concerns the Linux kernel PCI subsystem. A vulnerability arises when a driver is probed via __driver_attach(): the bus match() callback can access the driver_override field without the device lock, creating a use-after-free risk. The fix uses the driver-core driver_overri...

5.7AI score0.00157EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:30 p.m.8 views

CVE-2026-53118

In the Linux kernel, the following vulnerability has been resolved: vdpa: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which can cause...

5.7AI score0.00155EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/24 4:30 p.m.11 views

CVE-2026-53118

In the Linux kernel CVE-2026-53118, the issue is in the vdpa path where, during __driver_attach(), the bus' match() is invoked without holding the device lock, exposing the driver_override field to a use-after-free. The root cause is missing synchronization when accessing driver_override during p...

5.7AI score0.00155EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:30 p.m.5 views

CVE-2026-53115

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which ca...

5.7AI score0.00157EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38983

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock, which ca...

5.7AI score0.00157EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52013

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the platform/wmi component. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device loc...

5.9AI score0.00157EPSS
Exploits0References16
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52014

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the PCI subsystem. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This...

5.9AI score0.00157EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-52012

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the vdpa component. When a driver is probed through the driver attach function, the bus match callback is executed without holding the device lock...

5.9AI score0.00155EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52009

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the fsl-mc bus. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock. This lead...

5.9AI score0.00157EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52011

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the s390/cio component. When a driver is probed via the driver attach function, the bus match callback is executed without holding the device lock...

5.9AI score0.00171EPSS
Exploits0References17
OSV
OSV
added 2026/05/22 1:19 p.m.8 views

OESA-2026-2415 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the devi...

8.8CVSS6AI score0.0138EPSS
Exploits6References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: Driver Core: Fixed a potential deadlock in driverattach. In the driverattach function, there is also an AA deadlock issue, similar to the commit b232b02bf3c2 "Driver Core: Fix Deadlock in deviceattach". The stack trace is as...

5.5CVSS6.5AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Driver: Base – Fixed UAF when driverattach fails When driverattachdrv fails, the driverprivate variable is freed. However, it was added to the bus, which caused a UAF Use-after-Free error. To fix this issue, we need to remove it...

7.8CVSS6.2AI score0.00289EPSS
Exploits0References2
NVD
NVD
added 2026/04/27 6:16 p.m.5 views

CVE-2026-31688

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.0011EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/27 5:32 p.m.32 views

CVE-2026-31688

...

0.0011EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.5 views

PT-2026-35494

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A race condition exists in the driver core due to inconsistent locking in the driver match device function. While one call site holds the device lockdev, others such as bind store and...

7.8CVSS5.3AI score0.0011EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2026/04/23 1:24 a.m.8 views

SUSE CVE-2026-31527

In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/22 6:56 p.m.7 views

CVE-2026-31487

A flaw was found in the Linux kernel, specifically within its Serial Peripheral Interface SPI subsystem. This vulnerability arises from improper handling of memory when a driver is being attached, leading to a use-after-free UAF condition. A UAF vulnerability is a type of memory corruption that c...

5.5CVSS5.7AI score0.00094EPSS
Exploits0References4
Rows per page
Query Builder