Lucene search
K

155 matches found

CVE
CVE
added 2026/05/30 12:13 p.m.764 views

CVE-2026-46242

Summary (CVE-2026-46242) : The Linux kernel contains a fix for a UAF in eventpoll related to ep_remove. The bug arose when ep_remove_file() cleared file->f_ep under file->f_lock but continued using @file inside the critical section, allowing a concurrent path to reach freed memory via f_op-...

7.8CVSS5.8AI score0.00125EPSS
Exploits2References6Affected Software1
OSV
OSV
added 2026/05/30 12:13 p.m.1 views

CVE-2026-46242 eventpoll: fix ep_remove struct eventpoll / struct file UAF

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

7.8CVSS6AI score0.00125EPSS
Exploits2References9
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.24 views

PT-2026-45095

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.4 through 6.12.67 Description A race condition in the epoll subsystem leads to a use-after-free UAF scenario. The ep remove function via ep remove file clears file-f ep under file-f lock but continues to use the @file...

7.8CVSS6.9AI score0.00125EPSS
Exploits2References463
CNNVD
CNNVD
added 2026/05/30 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the epremove function in eventpoll. This function continues to use @file after clearing file-fep,...

5.8AI score0.00125EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.32 views

Linux Distros Unpatched Vulnerability : CVE-2026-46242

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the...

7.8CVSS7.3AI score0.00125EPSS
Exploits2References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: aio: Fixed a use-after-free issue due to missing POLFREE handling. signalfdpoll and binderpoll are special because they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This...

7.8CVSS6.2AI score0.00252EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: Fixed an infinite busy loop after the timeout has expired. After the commit 0a65bc27bd64 “eventpoll: Sets the epoll timeout if it’s in the future”, the following program would immediately enter a busy loop in the...

5.5CVSS5.8AI score0.0014EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/07 2:19 a.m.26 views

SUSE CVE-2026-43074

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

7.8CVSS5.8AI score0.00129EPSS
Exploits1References16
RedhatCVE
RedhatCVE
added 2026/05/06 1:50 p.m.9 views

CVE-2026-43074

A flaw was found in the Linux kernel's eventpoll component. In certain situations, the epfree function in eventpoll.c can prematurely free the eventpoll data structure while it is still being used by another concurrent thread. This use-after-free UAF vulnerability could allow a local attacker to...

7.8CVSS5.8AI score0.00129EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.7 views

EUVD-2026-27558

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

5.8AI score0.00129EPSS
Exploits1References6
NVD
NVD
added 2026/05/06 10:16 a.m.13 views

CVE-2026-43074

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

7.8CVSS0.00129EPSS
Exploits1References7
CVE
CVE
added 2026/05/06 7:21 a.m.41 views

CVE-2026-43074

CVE-2026-43074 affects the Linux kernel eventpoll code. The vulnerability arises from ep_free() freeing the eventpoll structure while still in use by another thread, creating a use-after-free (UAF). The fix defers kfree() of the epi->ep struct to an RCU grace period to prevent UAF; multiple so...

7.8CVSS5.8AI score0.00129EPSS
Exploits1References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 7:21 a.m.5 views

CVE-2026-43074

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

5.7AI score0.00129EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 7:21 a.m.6 views

CVE-2026-43074

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

7.8CVSS5.7AI score0.00129EPSS
Exploits1
Cvelist
Cvelist
added 2026/05/06 7:21 a.m.39 views

CVE-2026-43074 eventpoll: defer struct eventpoll free to RCU grace period

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

7.8CVSS0.00129EPSS
Exploits1References7
OSV
OSV
added 2026/05/06 7:21 a.m.1 views

CVE-2026-43074 eventpoll: defer struct eventpoll free to RCU grace period

In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still being used by another concurrent thread. Defer the kfree to an RCU...

7.8CVSS5.8AI score0.00129EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the epfree function in eventpoll. This function releases memory when concurrent threads still use...

7.8CVSS7AI score0.00129EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-43074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eventpoll: defer struct eventpoll free to RCU grace period In certain situations, epfree in eventpoll.c will kfree the epi-ep eventpoll struct while it still...

7.8CVSS7.1AI score0.00129EPSS
Exploits1References3
Redos
Redos
added 2026/03/24 12:0 a.m.11 views

ROS-20260324-73-0026

A vulnerability in the eventpoll component of the Linux kernel is related to uncontrolled recursion. Exploitation of the vulnerability allows an attacker to cause a denial of service...

5.5CVSS6AI score0.00153EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/09 5:3 p.m.11 views

kernel: Linux kernel use-after-free in eventpoll

A flaw was found in the Linux kernel's eventpoll epoll mechanism. A local attacker could exploit a use-after-free vulnerability due to incorrect handling of the 'ep' refcount while the 'ep' mutex is still held. This can lead to memory corruption, potentially allowing the attacker to achieve...

7.8CVSS6.1AI score0.00152EPSS
Exploits0References5
Rows per page
Query Builder