Lucene search
K

95 matches found

Cvelist
Cvelist
added last week26 views

CVE-2026-53087 net: bcmgenet: fix leaking free_bds

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

7.5CVSS0.00376EPSS
Exploits0References6
EUVD
EUVD
added last week5 views

EUVD-2026-38955

In the Linux kernel, the following vulnerability has been resolved: net: bcmgenet: fix leaking freebds While reclaiming the tx queue we fast forward the write pointer to drop any data in flight. These dropped frames are not added back to the pool of free bds. We also need to tell the netdev that ...

5.8AI score0.00376EPSS
Exploits0References6
CVE
CVE
added last week6 views

CVE-2026-53087

Summary: CVE-2026-53087 affects the Linux kernel bcmgenet network driver. When reclaiming the transmit queue, the driver advances the write pointer to drop in-flight data but fails to return the dropped frames to the pool of free buffer descriptors (bds), causing a resource leak. This can lead to...

7.5CVSS5.8AI score0.00376EPSS
Exploits0References6
NVD
NVD
added last week6 views

CVE-2026-52935

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS0.0012EPSS
Exploits0References8
OSV
OSV
added last week3 views

UBUNTU-CVE-2026-52935

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.27 views

CVE-2026-52935 xfrm: espintcp: do not reuse an in-progress partial send

In the Linux kernel, the following vulnerability has been resolved: xfrm: espintcp: do not reuse an in-progress partial send espintcp keeps a single in-flight transmit in ctx-partial. Before building a new skmsg, espintcpsendmsg first tries to flush that state through espintcppushmsgs. For blocki...

7.8CVSS0.0012EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.14 views

PT-2026-51728

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the xfrm espintcp component where the system may reuse an in-progress partial send. Specifically, the espintcp sendmsg function may reinitialize emsg-skmsg and reuse...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References13
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Do not keep the queue frozen during system suspension. The commit 4ce6e2db00de “virtio-blk: Ensure no requests are in the virtqueues before deleting the vqs.” replaces “queue quiesce” with “queue freeze” in virtio-blk...

5.5CVSS6.1AI score0.00162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: afunix: Fixed a data race around unixtotinflight. unixtotinflight is updated under spinlockunixgclock, but unixreleasesock reads it without locking. We will use READONCE for unixtotinflight...

5.6AI score0.00185EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Input: powermate – fixed a use-after-free in powermateconfigComplete. Syzbot has identified a use-after-free bug 1 in the powermate driver. This occurs when the device is disconnected, causing memory data related to the...

7.8CVSS5.8AI score0.00245EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Bonding: Fix for xfrm realdev null pointer dereference We should not set realdev to NULL, because packets may still be in transit, and xfrm might call xdodevoffloadok in parallel. All callbacks assume that realdev is set. Example...

5.5CVSS6.2AI score0.00239EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...

5.5CVSS5.2AI score0.00136EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:30 p.m.10 views

CVE-2026-42597

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the /forms/chromium/convert/url and /forms/chromium/screenshot/url routes accept url=file:///tmp/... from anonymous callers. The default Chromium deny-list intentionally exempts file:///tmp/ so HTML/Markdown routes can lo...

5.9CVSS5.4AI score0.00251EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32321

In the Linux kernel, the following vulnerability has been resolved: ata: libata-scsi: avoid Non-NCQ command starvation When a non-NCQ command is issued while NCQ commands are being executed, atascsiqcissue indicates to the SCSI layer that the command issuing should be deferred by returning...

5.9AI score0.00164EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.16 views

CVE-2026-46090

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopbackcheckformat may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa62e3 "ALSA: aloop: Fix...

7.8CVSS0.00103EPSS
Exploits0References13
OSV
OSV
added 2026/05/27 2:17 p.m.4 views

UBUNTU-CVE-2026-46090

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopbackcheckformat may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa62e3 "ALSA: aloop: Fix...

7.8CVSS5.7AI score0.00103EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:58 p.m.7 views

CVE-2026-46090

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop loopbackcheckformat may stop the capture side when playback starts with parameters that no longer match a running capture stream. Commit 826af7fa62e3 "ALSA: aloop: Fix...

7.8CVSS5.7AI score0.00103EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/27 12:58 p.m.33 views

CVE-2026-46090

CVE-2026-46090 affects the Linux kernel ALSA aloop driver. A use-after-free in loopback_check_format() can occur when playback starts with parameters that no longer match a running capture stream, while a concurrent close may detach or free the runtime. The issue arises after a patch that moved t...

7.8CVSS5.8AI score0.00103EPSS
Exploits0References13Affected Software1
CVE
CVE
added 2026/05/27 12:15 p.m.28 views

CVE-2026-45855

The CVE-2026-45855 issue affects the Linux kernel’s libata-scsi component, where NCQ command traffic could starve non-NCQ commands in multi-queue hosts. Root cause: mixing NCQ and non-NCQ can delay non-NCQ execution when NCQ is in-flight. The fix implements forward progress for non-NCQ commands b...

5.5CVSS5.9AI score0.00164EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-43958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the ALSA loopback driver. The loopback check format function may stop the capture side when playback starts with parameters that do not match a runni...

7.8CVSS5.9AI score0.00103EPSS
Exploits0
Rows per page
Query Builder