Lucene search
K

55 matches found

RedhatCVE
RedhatCVE
added 2026/06/26 12:53 p.m.7 views

CVE-2026-52991

A flaw was found in the Linux kernel's Pressure Stall Information PSI subsystem. A race condition exists between the file release and pressure write operations, specifically concerning the priv member of struct kernfsopenfile. This can lead to a use-after-free vulnerability or a NULL dereference,...

7.8CVSS5.7AI score0.00104EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52991

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sched/psi: fix race between file release and pressure write A potential race condition exists between pressure write and cgroup file release regarding the priv...

7.8CVSS6.1AI score0.00104EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.6 views

CVE-2026-52991

In the Linux kernel, the following vulnerability has been resolved: sched/psi: fix race between file release and pressure write A potential race condition exists between pressure write and cgroup file release regarding the priv member of struct kernfsopenfile, which triggers the uaf reported in 1...

7.8CVSS0.00104EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.30 views

CVE-2026-52991 sched/psi: fix race between file release and pressure write

In the Linux kernel, the following vulnerability has been resolved: sched/psi: fix race between file release and pressure write A potential race condition exists between pressure write and cgroup file release regarding the priv member of struct kernfsopenfile, which triggers the uaf reported in 1...

7.8CVSS0.00104EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 4:29 p.m.5 views

CVE-2026-52991 sched/psi: fix race between file release and pressure write

In the Linux kernel, the following vulnerability has been resolved: sched/psi: fix race between file release and pressure write A potential race condition exists between pressure write and cgroup file release regarding the priv member of struct kernfsopenfile, which triggers the uaf reported in 1...

7.8CVSS6AI score0.00104EPSS
Exploits0References9
CVE
CVE
added 2026/06/24 4:29 p.m.43 views

CVE-2026-52991

CVE-2026-52991 concerns a race in the Linux kernel PSI subsystem where a use-after-free can occur due to a race between pressure_write and cgroup file release touching the priv member of struct kernfs_open_file. The issue is fixed by widening the scope of the cgroup_mutex in pressure_write to cov...

7.8CVSS5.9AI score0.00104EPSS
Exploits0References6Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/handshake: fixed null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if the socket lookup fails. We should also call tracehandshakecmddoneerr before releasing the file; otherwise, dereferencin...

5.5CVSS5.4AI score0.00119EPSS
Exploits0References1
CVE
CVE
added 2026/04/24 2:45 p.m.13 views

CVE-2026-31654

CVE-2026-31654 affects the Linux kernel mm/vma path for mmap-backed shared mappings (notably /dev/zero). The root cause was a memory leak: when __mmap_new_vma() fails after shmem_zero_setup_desc() allocates a replacement shmem file, that new file isn’t released in the error path, leaving an unref...

5.5CVSS5.4AI score0.00113EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/24 2:45 p.m.6 views

EUVD-2026-25547

In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...

5.4AI score0.00113EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:45 p.m.6 views

CVE-2026-31654

In the Linux kernel, the following vulnerability has been resolved: mm/vma: fix memory leak in mmapregion commit 605f6586ecf7 "mm/vma: do not leak memory when .mmapprepare swaps the file" handled the success path by skipping getfile via filedoesntneedget, but missed the error path. When /dev/zero...

5.4AI score0.00113EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/02/14 5:15 p.m.12 views

CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

5.5CVSS0.00122EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2026/02/14 5:15 p.m.8 views

CVE-2025-71204

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parsedurablehandlecontext When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/14 4:27 p.m.5 views

CVE-2025-71223

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in smb2open When ksmbdvfsgetattr fails, the reference count of ksmbdfile must be released...

5.2AI score0.00122EPSS
Exploits0References5Affected Software1
F5 Networks
F5 Networks
added 2026/02/03 7:48 p.m.14 views

K000159873: Linux kernel vulnerability CVE-2025-39881

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in...

7.8CVSS5.2AI score0.0014EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/12/09 11:32 p.m.4 views

CVE-2025-64497

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...

6.5CVSS6.5AI score0.00244EPSS
Exploits0References1
NVD
NVD
added 2025/12/08 11:15 p.m.7 views

CVE-2025-64497

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...

6.5CVSS0.00244EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/08 10:28 p.m.4 views

CVE-2025-64497 Tuleap exposes releases for all projects to File Release System project administrators

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...

6.5CVSS6.2AI score0.00244EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/08 10:28 p.m.29 views

CVE-2025-64497 Tuleap exposes releases for all projects to File Release System project administrators

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...

6.5CVSS0.00244EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/17 9:52 a.m.2 views

kernel: kernfs: Fix UAF in polling when open file is released

A use-after-free race condition exists in the linux kernel such that When cgroup.pressure is disabled, it releases PSI triggers via cgroupfilerelease, Frees of-priv through kernfsdrainopenfiles leading to damage to the availability and integrity of the system...

7.8CVSS5.8AI score0.0014EPSS
Exploits0References5
NVD
NVD
added 2025/11/12 10:15 p.m.5 views

CVE-2025-64482

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap Community Edition prior to version 16.13.99.1762267347 and Tuleap Enterprise Edition prior to versions 17.01-, 16.13-6, and 16.12-9 don't have cross-site request forgery protections in the file...

4.6CVSS0.00135EPSS
Exploits0References4
Rows per page
Query Builder