Lucene search
K

377 matches found

Samba
Samba
added 2026/05/26 12:0 a.m.13 views

WORM vfs module does not block overwrites

Description The vfsworm module is intended to make files immutable over SMB a short time after they are created. The time window in which they are writable is configurable, defaulting to one hour. The hook that handles renames was checking that the file being renamed was still mutable, but it was...

6.5CVSS5.8AI score0.00939EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: NFSD: Deferred sub-object cleanup in export put callbacks The svcexportput function calls pathput and authdomainput immediately when the last reference is dropped, before the RCU grace period. RCU readers in eshow and cshow...

7.8CVSS5.9AI score0.00121EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a race condition between bpftimercancelandfree and bpftimercancel. This race condition could lead to a UAF Use-After-Free error involving the timer-timer variable. Here’s the detailed explanation: In bpftimer...

5.5CVSS6.3AI score0.00241EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Fixed the issue of “use-after-free” in removenhgrpentry. When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer, and then immediately frees the removed entry’s percpu sta...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mctp: Route lookups now perform under a RCU read-side lock. Our current route lookups mctproutelookup and mctproutelookupnull traverse the network’s route list without holding the RCU read lock. This means that the route lookups...

7.8CVSS6.2AI score0.00231EPSS
Exploits0References2
OSV
OSV
added 2026/05/15 2:0 p.m.12 views

OESA-2026-2311 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. Thi...

9.4CVSS6.3AI score0.93235EPSS
Exploits31References32
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.10 views

Cisco Unity Connection Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Unity Connection is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unity Connection due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...

8.1CVSS7.7AI score0.99506EPSS
Exploits68References3
RedhatCVE
RedhatCVE
added 2026/05/08 9:34 p.m.10 views

CVE-2026-43385

A flaw was found in the Linux kernel where a race condition in the rcutasks grace period handling within the napithreadedpollloop function can lead to a stall. This issue occurs when threaded busypoll is enabled and specific network operations are performed. A local user or a specific workload...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/08 5:17 p.m.13 views

CVE-2026-43376

A flaw was found in ksmbd in the Linux kernel. The oplockinfo structure is immediately freed using kfree without an RCU Read-Copy-Update grace period, even though it can still be accessed by readers. This improper memory deallocation can lead to a use-after-free vulnerability, particularly in the...

9.8CVSS5.8AI score0.00444EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.11 views

EUVD-2026-28680

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...

5.8AI score0.00125EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/08 3:31 p.m.12 views

EUVD-2026-28682

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

5.8AI score0.00444EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.7 views

CVE-2026-43385

In the Linux kernel, the following vulnerability has been resolved: net: Fix rcutasks stall in threaded busypoll I was debugging a NIC driver when I noticed that when I enable threaded busypoll, bpftrace hangs when starting up. dmesg showed: rcutaskswaitgp: rcutasks grace period number 85 since...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References4
OSV
OSV
added 2026/05/08 3:16 p.m.10 views

UBUNTU-CVE-2026-43374

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: fix percpu use-after-free in removenhgrpentry When removing a nexthop from a group, removenhgrpentry publishes the new group via rcuassignpointer then immediately frees the removed entry's percpu stats with...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/08 2:21 p.m.6 views

CVE-2026-43376

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free by using callrcu for oplockinfo ksmbd currently frees oplockinfo immediately using kfree, even though it is accessed under RCU read-side critical sections in places like opinfoget and procshowfiles. Sinc...

9.8CVSS5.8AI score0.00444EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2026/05/08 2:21 p.m.23 views

CVE-2026-43374

Summary: CVE-2026-43374 affects the Linux kernel networking code (net: nexthop). The vuln arises when removing a nexthop from a group: remove_nh_grp_entry() publishes the new group via rcu_assign_pointer() and then immediately frees the removed entry’s percpu stats with free_percpu(), while the s...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:11 p.m.10 views

CVE-2026-43292

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...

5.7AI score0.00122EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Cisco Expressway Series Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Expressway Series is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Expressway Series due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime seconds, after...

8.1CVSS7.7AI score0.99506EPSS
Exploits68References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.10 views

PT-2026-39035

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the remove nh grp entry function. The system publishes a new group using rcu assign pointer and immediately frees the removed...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.9 views

Cisco Adaptive Security Appliance (ASA) Software Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Adaptive Security Appliance ASA Software is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Adaptive Security Appliance ASA Software due to a signal handler race condition found in sshd, where a client does not...

8.1CVSS7.6AI score0.99506EPSS
Exploits68References3
SUSE CVE
SUSE CVE
added 2026/05/07 2:18 a.m.9 views

SUSE CVE-2026-43091

In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...

5.8AI score0.00128EPSS
Exploits0References3
Rows per page
Query Builder