Lucene search
+L

26 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-53042

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so...

5.5CVSS6.1AI score0.00121EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53042

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.5CVSS0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/06/24 4:29 p.m.20 views

CVE-2026-53042

The CVE-2026-53042 issue affects the Linux kernel fwctl subsystem where class initialization ordering can trigger a NULL pointer dereference on device removal. Root cause: CXL is linked before fwctl in drivers/Makefile, leading to cxl_pci_driver_init() running before fwctl_init(). When cxl_pci_pr...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/24 4:29 p.m.10 views

EUVD-2026-38910

In the Linux kernel, the following vulnerability has been resolved: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal CXL is linked before fwctl in drivers/Makefile. Both use moduleinit, so cxlpcidriverinit runs first. When cxlpciprobe calls fwctlregister and then...

5.8AI score0.00121EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: Fixed a NULL pointer dereferencing in hciuartwritework. The hciuartsetproto function sets HCIUARTPROTOINIT before calling hciuartregisterdev. This function calls proto-open to initialize hu-priv. However, if a...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.12 views

PT-2026-51936

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fwctl component where incorrect class initialization ordering can lead to a NULL pointer dereference during device removal. Because CXL is linked before fwctl in t...

6AI score0.00121EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/10 12:36 p.m.11 views

EUVD-2024-55616

Ghidra before 11.2 contains a use after free vulnerability in the Sleigh backend caused by undefined static initialization order of the SleighArchitecture::translators and XmlArchitectureCapability singletons. Attackers can trigger an infinite loop or denial of service during shutdown by exploiti...

2.9CVSS5.5AI score0.0011EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 2:16 p.m.12 views

CVE-2026-43312

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...

5.5CVSS0.00123EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/05/08 2:16 p.m.10 views

CVE-2026-43312

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References17
OSV
OSV
added 2026/05/08 1:11 p.m.2 views

CVE-2026-43312 media: i2c: ov5647: Initialize subdev before controls

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647initcontrols we call v4l2getsubdevdata, but it is initialized by v4l2i2csubdevinit in the probe, which currently happens after initcontrols. This can result in a...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/05/08 1:11 p.m.9 views

CVE-2026-43288

In the Linux kernel, the following vulnerability has been resolved: ext4: move ext4percpuparaminit before ext4mbinit When running kvm-xfstests -c ext4/1k -C 1 generic/383 with the DOUBLECHECK macro defined, the following panic is triggered:...

5.8AI score0.0013EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/27 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-31669

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless...

9.8CVSS6.2AI score0.00459EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:45 p.m.7 views

CVE-2026-31669

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in inetlookupestablished The ehash table lookups are lockless and rely on SLABTYPESAFEBYRCU to guarantee socket memory stability during RCU read-side critical sections. Both tcpprot and tcpv6prot ha...

5.5AI score0.00459EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/14 4:1 p.m.4 views

CVE-2026-23146

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.1AI score0.00123EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004875)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004875 advisory. In the Linux kernel, the following vulnerability has been resolved: kcm: fix strpinit order and cleanup strpinit is called just a few lines above this csk-skuserdata...

5.5CVSS7AI score0.00221EPSS
Exploits0References4
CVE
CVE
added 2025/12/09 4:9 a.m.24 views

CVE-2025-40338

CVE-2025-40338 is a Linux kernel vulnerability in ASoC: Intel avs where sharing the component name pointer could cause use-after-free during teardown. The fix duplicates the component name to prevent lifetime issues and updates the initialization/teardown order (noting that the config may pass a ...

6.2AI score0.00188EPSS
Exploits0References2
OSV
OSV
added 2025/12/09 4:9 a.m.4 views

CVE-2025-40338 ASoC: Intel: avs: Do not share the name pointer between components

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Do not share the name pointer between components By sharing 'name' directly, tearing down components may lead to use-after-free errors. Duplicate the name to avoid that. At the same time, update the order of...

6.4AI score0.00188EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.4 views

Siemens SIMATIC Devices Use of Uninitialized Resource (CVE-2025-21862)

dropmonitor: incorrect initialization order. If dropmonitor is built as a kernel module, syzkaller may have time to send a netlink NETDMCMDSTART message during the module loading. This will call the netdmmonitorstart function that uses a spinlock that has not yet been initialized. This plugin onl...

5.5CVSS6.9AI score0.0022EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-55239

Malicious code in bioql PyPI...

7.1AI score0.00221EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/08/19 5:3 p.m.12 views

CVE-2025-38582

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix double destruction of rsvqp rsvqp may be double destroyed in error flow, first in freemrinit, and then in hnsroceexit. Fix it by moving the freemrinit call into hnsrocev2init. listdel corruption, ffff589732eb9b50-ne...

7.8CVSS6.1AI score0.00153EPSS
Exploits0
Rows per page
Query Builder