Lucene search
K

309 matches found

RedHat Linux
RedHat Linux
added last week6 views

kernel: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange [email protected] says: The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. It leads to UAF on stru...

7.5CVSS6.2AI score0.00151EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/07 7:35 p.m.7 views

kernel: procfs: fix missing RCU protection when reading real_parent in do_task_stat()

A flaw was found in the Linux kernel's procfs component. When reading /proc/pid/stat, the dotaskstat function accesses task-realparent without proper Read-Copy-Update RCU protection. This missing protection creates a race condition, which can lead to a Use-After-Free UAF vulnerability. A local...

7.8CVSS5.9AI score0.0012EPSS
Exploits0References5
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53207

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...

5.5CVSS0.00099EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53165 iomap: avoid potential null folio->mapping deref during error reporting

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid potential null folio-mapping deref during error reporting When a buffered read fails, iomapfinishfolioread reports the error with fserrorreportiofolio-mapping-host, .... This is called after ifs-readbytespending has...

7.5CVSS5.8AI score0.00359EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:38 a.m.20 views

CVE-2026-53161

The CVE-2026-53161 entry concerns a use-after-free in the Linux kernel fastrpc subsystem. A race between fastrpc_device_release() (on file close) and the workqueue processing DSP responses can free the fastrpc_user while an in-flight DSP invocation is completing, leading to dereferencing freed co...

7.8CVSS5.7AI score0.00135EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52991

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sched/psi: fix race between file release and pressure write A potential race condition exists between pressure write and cgroup file release regarding the priv...

7.8CVSS6.2AI score0.00107EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52977

In the Linux kernel, the following vulnerability has been resolved: futex: Prevent lockup in requeue-PI during signal/ timeout wakeup During wait-requeue-pi task A and requeue-PI task B the following race can happen: Task A Task B futexwaitrequeuepi futexsetuptimer futexdowait futexrequeue CLASSh...

5.6AI score0.00122EPSS
Exploits0References7Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: GPU: host1x – Fixed a race condition in syncptalloc and syncptfree. A race condition occurred between host1xsyncptalloc and host1xsyncptPut, which was addressed by using krefPutMutex instead of krefPut plus manual mutex locking...

5.8AI score0.00161EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only add the LED to ledslist when it is fully ready. Before this change, the LED was added to ledslist before the ledinitcore function was called—that is, before ledclassdev.setbrightnesswork was initialized. Thi...

4.7CVSS6AI score0.0012EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.2 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: Insufficient locking for -dparent-d inode dereferencing. Theoretically, this could lead to an oops error due to a race condition, but I don’t believe anyone would actually exploit this vulnerability on real...

6.1AI score0.00184EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/22 5:29 a.m.6 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS6.1AI score0.00104EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/17 1:20 a.m.6 views

kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A race condition exists in the SCTPSENDALL path where a cached list entry is not properly revalidated after the socket lock is temporarily released. This allows a local attacker or a remote attacker v...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/08 3:46 p.m.42 views

CVE-2026-46298 pseries/papr-hvpipe: Fix race with interrupt handler

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix race with interrupt handler While executing -ioctl handler or -release handler, if an interrupt fires on the same cpu, then we can enter into a deadlock. This patch fixes both these handlers to take...

0.00074EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 9:40 a.m.24 views

CVE-2026-46210

The CVE-2026-46210 issue affects the Linux kernel Iris media driver. A race between per-instance locks (inst->lock) and the core list lock (core->lock) allows a use-after-free during MBPF checks: MBPF iterates the core list and reads fields like fmt_src->width/height while iris_close() m...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.45 views

CVE-2026-45918 ovpn: tcp - don't deref NULL sk_socket member after tcp_close()

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

0.00163EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-45916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - power: supply: sbs-battery: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registerin...

7.8CVSS6.9AI score0.0016EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.14 views

CVE-2026-45949

hwrng: core - use RCU and workstruct to fix race condition...

5.8AI score0.00088EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/26 6:16 p.m.11 views

CVE-2026-24199

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service...

4.7CVSS5.8AI score0.00092EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/26 5:18 p.m.45 views

CVE-2026-24199

NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of this vulnerability might lead to denial of service...

4.7CVSS0.00092EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race conditions during ffsep0queuewait When performing fast composition switching, there is a possibility that the process of ffsep0write/ffsep0read may enter a race condition due to ep0req being freed...

7.8CVSS6.3AI score0.0022EPSS
Exploits0References2
Rows per page
Query Builder