Lucene search
K

28164 matches found

CVE
CVE
added 2026/06/25 8:39 a.m.11 views

CVE-2026-53212

The CVE-2026-53212 issue affects the Linux kernel nft_tunnel implementation within netfilter, where nft_tunnel_obj_destroy() used metadata_dst_free() to free a metadata_dst, bypassing dst_entry refcount accounting. This could leave in-flight packets that hold references (via dst_hold()) dangling,...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References8Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.4 views

EUVD-2026-39299

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU and dispatches each command without enforcing the signaling MTU MTUsig...

5.8AI score0.00176EPSS
Exploits0References8
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53205

The CVE-2026-53205 issue is in the Linux kernel Intel Versatile Processing Unit (IVPU) accelerator driver (accel/ivpu). It stems from insufficient validation of read/write indices in the firmware log buffer, allowing potential out-of-bounds access if firmware supplies invalid indices. Affected sy...

7.1CVSS6AI score0.00131EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.25 views

CVE-2026-53200 KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XNX

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN0 when !FEATXNX XN has already been extracted from its bitfield position so using FIELDPREP on the mask that clears XN0 is completely broken, having the effect of unconditionally granting execute...

8.8CVSS0.00129EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.5 views

CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.9 views

CVE-2026-53184

The CVE-2026-53184 issue affects the Linux kernel UDP sockmap path. On UDP receive, skb->dev is repurposed as dev_scratch; when a SK_SKB verdict program uses BPF socket-lookup helpers (bpf_sk_lookup_tcp/udp, bpf_skc_lookup_tcp), skb->dev may still hold the dev_scratch value, and dev_net(skb...

7.5CVSS5.7AI score0.00506EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.26 views

CVE-2026-53173 accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate()

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:38 a.m.11 views

CVE-2026-53167

In the Linux kernel, CVE-2026-53167 concerns FUSE_NOTIFY_RETRIEVE: the operation must be limited to uptodate folios because !uptodate folios may contain uninitialized data. The fix ensures FUSE_NOTIFY_RETRIEVE only returns data already present in the page cache and does not wait for data from the...

5.7AI score0.00166EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.28 views

CVE-2026-53160 misc: fastrpc: fix use-after-free race in fastrpc_map_create

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix use-after-free race in fastrpcmapcreate fastrpcmaplookup returns a raw pointer after releasing fl-lock. The caller fastrpcmapcreate then calls fastrpcmapget krefgetunlesszero on this unprotected pointer. A...

7.8CVSS0.00125EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:38 a.m.9 views

CVE-2026-53159

The CVE-2026-53159 entry describes a Linux kernel vulnerability in the fastrpc path where fastrpc_get_args() uses find_vma() to locate the VMA for a user pointer and compute a DMA address offset. If the address lies in a gap before the returned VMA, (ptr & PAGE_MASK) - vma->vm_start underflows...

5.7AI score0.00172EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.28 views

CVE-2026-53148 thunderbolt: Clamp XDomain response data copy to allocation size

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Clamp XDomain response data copy to allocation size tbxdppropertiesrequest derives the per-packet copy length from the response header without checking that it fits in the previously allocated data buffer. A maliciou...

0.0014EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.28 views

CVE-2026-53147 thunderbolt: Validate XDomain request packet size before type cast

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...

8.1CVSS0.00283EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/25 8:38 a.m.6 views

EUVD-2026-39238

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Validate XDomain request packet size before type cast tbxdphandlerequest casts the received packet buffer to protocol-specific structs without verifying that the allocation is large enough for the target type. A peer...

5.9AI score0.00283EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:38 a.m.8 views

CVE-2026-53134

The CVE concerns the Linux kernel netfilter nft_fib handling, where NFT_FIB_RESULT_OIFNAME’s destination register span could leak uninitialized kernel stack on lookup-fail paths due to incomplete writes. The fix replaces a bare dest = 0 with nft_fib_store_result(), padding the entire IFNAMSIZ, an...

5.8AI score0.00176EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-52975

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/24 6:32 p.m.3 views

EUVD-2026-38857

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

5.7AI score0.00342EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/24 6:32 p.m.4 views

EUVD-2026-38841

In the Linux kernel, the following vulnerability has been resolved: futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing CLONETHREAD. This breaks the non-concurrency assumptions when doing the...

5.7AI score0.00128EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-52959

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...

7.8CVSS0.00093EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 5:17 p.m.3 views

UBUNTU-CVE-2026-53020

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since full SMP support for threads within the same process is still missing,...

7.8CVSS5.7AI score0.0012EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

UBUNTU-CVE-2026-53079

In the Linux kernel, the following vulnerability has been resolved: netsched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdiscrunend, it operates on the root qdisc. If the root qdisc do not implement the TCQFDEQUEUEDROPS flag the packets que...

6.8CVSS5.6AI score0.00145EPSS
Exploits0References3
Rows per page
Query Builder