Lucene search
K

278 matches found

OSV
OSV
added yesterday2 views

UBUNTU-CVE-2026-53349

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: destroy stale expectfn expectations on unregister NAT helpers such as nfnath323 store a raw pointer to module text in exp-expectfn e.g. ipnatq931expect. nfcthelperexpectfnunregister only unlinks the callba...

5.8AI score0.00161EPSS
Exploits0References9
NVD
NVD
added 2026/06/25 9:16 a.m.15 views

CVE-2026-53248

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix use-after-free in metadata dst teardown airohametadatadstfree runs metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

8.8CVSS0.00391EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53157

In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonetdevice after RCU grace period phonetdevicedestroy removes a phonetdevice from the per-net device list with listdelrcu, but frees it immediately. RCU readers walking the same list can still hold a pointer t...

5.7AI score0.00173EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53270

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References11
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53264

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39221

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

5.8AI score0.00129EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53248

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix use-after-free in metadata dst teardown airohametadatadstfree runs metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

5.7AI score0.00391EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39199

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix use-after-free in metadata dst teardown airohametadatadstfree runs metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

5.7AI score0.00391EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53157

In the Linux kernel, the following vulnerability has been resolved: net: phonet: free phonetdevice after RCU grace period phonetdevicedestroy removes a phonetdevice from the per-net device list with listdelrcu, but frees it immediately. RCU readers walking the same list can still hold a pointer t...

5.7AI score0.00173EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 6:32 p.m.5 views

EUVD-2026-38815

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

5.7AI score0.00135EPSS
Exploits0References9
NVD
NVD
added 2026/06/24 5:17 p.m.8 views

CVE-2026-52947

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtrportremove In qrtrportremove, the socket reference count is decremented via sockput before the port is removed from the qrtrports XArray and before the RCU grace period...

7.8CVSS0.00135EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/06/23 1:1 a.m.9 views

samba: vfs_worm does not block directory modification

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.8AI score0.00904EPSS
Exploits0References5
CVE
CVE
added 2026/06/19 2:43 p.m.24 views

CVE-2026-52910

The CVE-2026-52910 issue is in the Linux kernel where a cBPF reuseport program may be freed immediately when detached from a reuseport group, without waiting for an RCU grace period. This can lead to a use-after-free and potential memory corruption when a concurrent UDP send crosses the fast path...

7.8CVSS5.7AI score0.00102EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Support deferring bpflink deallocation to after RCU grace period The BPF link for some program types is passed as a “context” that can be used by those BPF programs to retrieve additional information. For example, for...

5.5CVSS6AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a race condition between bpftimercancelandfree and bpftimercancel. This race condition could lead to a UAF Use-After-Free error involving the timer-timer variable. Here’s the detailed explanation: In bpftimer...

5.5CVSS6.3AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Fixed the issue of “use-after-free” in removenhgrpentry. When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer, and then immediately frees the percpu stats of the remove...

7.8CVSS5.6AI score0.00125EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Deferred sub-object cleanup in export put callbacks The svcexportput function calls pathput and authdomainput immediately when the last reference is dropped, before the RCU grace period. RCU readers in eshow and cshow...

7.8CVSS5.7AI score0.00121EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mctp: Route lookups now perform under a RCU read-side lock. Our current route lookups mctproutelookup and mctproutelookupnull traverse the network’s route list without holding the RCU read lock. This means that the route lookups...

7.8CVSS5.8AI score0.00231EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/17 12:5 p.m.6 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.9AI score0.00119EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 9:22 a.m.6 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.8AI score0.00119EPSS
Exploits0References5
Rows per page
Query Builder