Lucene search
K

28199 matches found

Debian CVE
Debian CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-53004

In the Linux kernel, the following vulnerability has been resolved: sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the peer AUTH chunk list with if len gauthchunks, which lives at offset...

5.9AI score0.00176EPSS
Exploits0
CVE
CVE
added 2026/06/24 4:29 p.m.8 views

CVE-2026-52995

The CVE-2026-52995 issue affects the Linux kernel’s RDS path: rds_for_each_conn_info() and rds_walk_conn_path_info() pass a caller-allocated on-stack buffer to visitors and then copy item_len bytes back to user space, potentially exposing uninitialized stack data. In particular, rds_ib_conn_info_...

6AI score0.00176EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/24 4:29 p.m.26 views

CVE-2026-52989 nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

9.8CVSS0.00342EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:29 p.m.13 views

CVE-2026-52987

In the Linux kernel, CVE-2026-52987 arises from drm/amdgpu: double calls to drm_exec_fini() in userq_validate when new_addition is true. The code calls drm_exec_fini(&exec) before iterating HMM ranges and then, if amdgpu_ttm_tt_get_user_pages() fails, executes a second drm_exec_fini(&exec) on the...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References5
CVE
CVE
added 2026/06/24 4:28 p.m.9 views

CVE-2026-52956

The CVE-2026-52956 issue affects the Linux kernel’s libceph code, specifically __ceph_x_decrypt(), where a buffer region can be misinterpreted as a ceph_x_encrypt_header and hdr->magic accessed without ensuring sufficient plaintext size. This can trigger an out-of-bounds memory access when cip...

7.5CVSS5.9AI score0.00359EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/24 4:28 p.m.5 views

CVE-2026-52954

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decodechooseargs A message of type CEPHMSGOSDMAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may optionally contain chooseargs that get decoded in...

7.5CVSS5.6AI score0.0053EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ublk: The SQE128 flag is validated before accessing the cmd field. The ublkctrlcmddump function accesses the sqe-cmd field before checking the IOURINGFSQE128 flag. This could lead to out-of-boundary memory access. The flag...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: power: supply: In the pm8916bmsvm module, there was a use-after-free issue in the powersupplychanged function. The use of the devm variant for requesting IRQs before using the devm variant for allocating/registering the powersupp...

7.8CVSS5.8AI score0.00159EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/panel: A possible null pointer dereference in jdipaneldsiremove has been fixed. In jdipaneldsiremove, jdi is explicitly checked, indicating that it may be NULL: c if !jdi mipidsidetachdsi; However, when jdi is NULL, the...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: genirq/irqsim: Proper initialization of work context pointers Proper initialization of the pointers to the ops member by using kzalloc instead of kmalloc when allocating the simulation work context. Otherwise, the pointers may...

5.5CVSS6.4AI score0.00158EPSS
Exploits0References4
OSV
OSV
added 2026/06/24 10:17 a.m.2 views

UBUNTU-CVE-2026-52943

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: fix missing zerocopy reference in pskbcarve helpers pskbcarveinsideheader and pskbcarveinsidenonlinear both copy the old skbsharedinfo header into a new buffer via memcpy, which includes the destructorarg pointer uar...

7.8CVSS5.8AI score0.0018EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 8:16 a.m.8 views

CVE-2026-52924

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

9.8CVSS0.00265EPSS
Exploits0References11
OSV
OSV
added 2026/06/24 8:16 a.m.2 views

UBUNTU-CVE-2026-52940

In the Linux kernel, the following vulnerability has been resolved: tun: zero the whole vnet header in tunputuser tunputuser declares an on-stack struct virtionethdrv1hashtunnel without zeroing it. For a non-tunnel skb, virtionethdrtnlfromskb only initializes the first 10 bytes sizeofstruct...

5.7AI score0.00154EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52924

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

9.8CVSS5.7AI score0.00265EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/06/24 7:14 a.m.17 views

CVE-2026-52924

The CVE-2026-52924 entry describes a Linux kernel SCTP use-after-free vulnerability triggered during Stale COOKIE-ECHO handling. In COOKIE_WAIT transitions, sctp_stream_update() can leave a stale out_curr pointer after rolling back from COOKIE_ECHOED to COOKIE_WAIT, so scheduler paths (FCFS/RR/PR...

9.8CVSS5.8AI score0.00265EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2026/06/24 7:14 a.m.10 views

CVE-2026-52922

CVE-2026-52922 affects batman-adv in the Linux kernel. The root cause is that batadv_dat_forward_data() duplicates an skb via pskb_copy_for_clone() but does not verify the allocation result before passing the skb to batadv_send_skb_prepare_unicast_4addr(), which can dereference a NULL skb and tri...

7.5CVSS5.8AI score0.00394EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51863

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the kvm reset dirty gfn function within the Kernel-based Virtual Machine KVM component. A local attacker with access to /dev/kvm can manipulate dirty ring...

7CVSS6AI score0.00147EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-51758

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel due to a missing zerocopy reference in the pskb carve inside header and pskb carve inside nonlinear functions. Both functions copy the s...

7.8CVSS5.8AI score0.0018EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51898

Name of the Vulnerable Software and Affected Versions Linux kernel version 7.0-13-generic Description An out-of-bounds write to userspace exists in the sctp getsockopt peer auth chunks function. The function fails to account for the 8-byte header of the struct sctp authchunks when validating the...

6.2AI score0.00176EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.36 views

AlmaLinux 8 : kernel (ALSA-2026:27811)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:27811 advisory. kernel: selinux: fix overlayfs mmap and mprotect access checks CVE-2026-46054 Tenable has extracted the preceding description block directly from the AlmaLinux...

7.1CVSS6AI score0.00118EPSS
Exploits0References3
Rows per page
Query Builder