Lucene search
+L

167 matches found

nessus
nessus
added 2026/06/30 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd...

7.8CVSS6AI score0.00126EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/06/29 9:15 a.m.5 views

CVE-2026-53286

A flaw was found in the Linux kernel. Specifically, a double free and use-after-free vulnerability exists in the idpf driver's auxiliary device error paths. This flaw occurs when auxiliarydeviceadd fails, leading to improper memory handling where memory is freed twice or accessed after being free...

7.8CVSS6AI score0.00126EPSS
Exploits0References4
nvd
nvd
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53286

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

7.8CVSS0.00126EPSS
Exploits0References3
osv
osv
added 2026/06/26 8:17 p.m.4 views

DEBIAN-CVE-2026-53286

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

7.8CVSS5.7AI score0.00126EPSS
Exploits0References1
euvd
euvd
added 2026/06/26 7:40 p.m.7 views

EUVD-2026-39891

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

5.8AI score0.00126EPSS
Exploits0References3
cve
cve
added 2026/06/26 7:40 p.m.15 views

CVE-2026-53286

CVE-2026-53286 affects the Linux kernel IDPF driver: when auxiliary_device_add() fails in idpf_plug_vport_aux_dev() or idpf_plug_core_aux_dev(), the error path uninitializes the auxiliary device in a way that can trigger a use-after-free and a double free of the iadev object. The issue arises bec...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software1
astralinux
astralinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed a memory leak in idpfvportrel Released vport-rxptypelkup in idpfvportrel to prevent memory leakage during a reset. Reported by kmemleak: Unreferenced object 0xff450acac838a000 size 4096: comm "kworker/u258:5", pid 773...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References3
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed the issue where the aux device is unplugged when RDMA is not supported by the vport. If the vport flags do not contain VIRTCHNL2VPORTENABLERDMA, the driver does not allocate vdevinfo for this vport. This results in a...

5.2AI score0.00145EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: Detaching and closing netdevs while handling a reset Protect the reset path from callbacks by setting the netdevs to detached state and closing any netdevs in UP state until the reset handling is completed. During a reset,...

5.5CVSS6AI score0.00115EPSS
Exploits0References1
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: idpf: checked for errors when calling registernetdev in init. The current init logic ignores the error code from registernetdev. This could lead to a WARNON message when attempting to unregister the device, if such an attempt...

5.5CVSS5.7AI score0.00175EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpfrxrsc idpfrxrsc uses skbtransportoffsetskb while the transport header is not set yet. This triggers the following warning for CONFIGDEBUGNET=y builds. DEBUGNETWARNONONCE!skbtransportheaderwassetskb...

5.5CVSS6.4AI score0.00176EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed the PREEMPTRT raw/bh spinlock nesting issue for async VC handling The code has been changed to use a local lock instead of the raw spinlock provided by the completion structure in the idpfvcxn struct. This conversion ...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References1
nessus
nessus
added 2026/04/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31647

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The...

5.5CVSS6.3AI score0.00122EPSS
Exploits0References3
susecve
susecve
added 2026/04/25 1:37 a.m.8 views

SUSE CVE-2026-31647

In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The conversion is safe because complete/all are called outside the lock and...

5.5CVSS5.5AI score0.00122EPSS
Exploits0References5
redhatcve
redhatcve
added 2026/04/24 9:44 p.m.6 views

CVE-2026-31647

A flaw was found in the Linux kernel's idpf driver. This vulnerability arises from improper nesting of spinlocks during asynchronous Virtual Channel VC handling. An attacker could potentially trigger an invalid wait context, leading to a system crash or denial of service. Mitigation To reduce...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
osv
osv
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31647

In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The conversion is safe because complete/all are called outside the lock and...

5.5CVSS5.3AI score0.00122EPSS
Exploits0References1
debiancve
debiancve
added 2026/04/24 2:45 p.m.5 views

CVE-2026-31647

In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The conversion is safe because complete/all are called outside the lock and...

5.5CVSS5.2AI score0.00122EPSS
Exploits0
cve
cve
added 2026/04/24 2:45 p.m.22 views

CVE-2026-31647

CVE-2026-31647 concerns the Linux kernel idpf driver. The vulnerability stems from improper nesting of PREEMPT_RT raw/BH spinlocks during asynchronous VC handling, which could yield an invalid wait context. A fix switches from the completion’s raw spinlock to a local lock in the idpf_vc_xn struct...

5.5CVSS5.4AI score0.00122EPSS
Exploits0References4Affected Software1
attackerkb
attackerkb
added 2026/04/24 2:45 p.m.3 views

CVE-2026-31647

In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The conversion is safe because complete/all are called outside the lock and...

5.3AI score0.00122EPSS
Exploits0References5Affected Software1
euvd
euvd
added 2026/04/24 2:45 p.m.5 views

EUVD-2026-25540

In the Linux kernel, the following vulnerability has been resolved: idpf: fix PREEMPTRT raw/bh spinlock nesting for async VC handling Switch from using the completion's raw spinlock to a local lock in the idpfvcxn struct. The conversion is safe because complete/all are called outside the lock and...

5.4AI score0.00122EPSS
Exploits0References4
Rows per page
Query Builder